Dutch certificate authority DigiNotar issued false digital certificates issued by Dutch authority. The list of fraudulent digital certificates obtained from Digi not just Facebook, Google, Microsoft, Skype, Twitter, and WordPress. The first known certificate to be stolen dates from July 10, 2011. Hackers could have used the stolen certificates to spy on users of popular websites for weeks, experts say. The hacker behind the attacks against the Comodo certificate authority claimed credit in a Pastebin post for the successful hack.”]
Source: https://www.darkreading.com/attacks-breaches/stolen-digital-certificates-compromised-cia-mi6-tor