DigiNotar, established in 1997, was responsible for creating certificates that validate Web sites as legitimate. Although the breach traces back to July, DigiNotar reportedly took weeks to notice and revoked fake certificates without notifying anyone. A subsequent investigation revealed that DigiNotar certificates might have compromised the Google accounts of approximately 300,000 Iranians.
What this means is that when users in Iran and elsewhere navigated to certain Web sites, they might actually be visiting spoofed sites that stole personal information when users logged in. In the wake of the DigiNotar digital certificate hack, Microsoft revoked the trust of five DigiNotar root certificates, followed by Google, Mozilla, and Apple.