GoDaddy, Apple, and Google Misissue 1 Million Certificates

  • Home
  • Blog
  • GoDaddy, Apple, and Google Misissue 1 Million Certificates

One million misissued certificates from only three companies is likely just the tip of the iceberg – there are probably millions more that haven’t been disclosed yet and GoDaddy, Google and Apple aren’t the only ones that use EJBCA.

We’re calling this incident a snafu – but that downplays how much impact mismanaged, non-compliant certificates can have on a business. From outages, to major security holes to misuse, for example, Apple is still cleaning up its enterprise certificate misshap from last month. Our research with the Ponemon Institute shows that 71% of businesses don’t even know how many certs they have – and are definitely not equipped to revoke and reissue at this scale, which also requires coordination with customers to prevent downtime. This is the perfect use case for automation technology in IT.

Ted Shorter

Chief Technology Officer

The 2022 State of Machine Identity Management Report

Get actionable insights from 1,200+ IT and security professionals on the next frontier for IAM strategy — machine identities.

Read the Report →