A security breach at a certificate authority controlled by the Indian government is bigger than initially thought. Google says it detected certificates for Google domain names that had been issued without authorization by the National Informatics Centre (NIC), a branch of the Indian Ministry of Communications and Information Technology. In the hands of attackers rogue certificates can be used to impersonate legitimate websites and snoop on encrypted communications of users. Google is aware of more rogue certificates issued by NIC aside from the four mentioned by India CCA.”]