Wikipedia
DigiNotar was a Dutch certificate authority owned by VASCO Data Security International. On September 3, 2011, after it had become clear that a security breach had resulted in the fraudulent issuing of certificates, the Dutch government took over operational management of DigiNotar's systems. That same month, the company was declared bankrupt.
An investigation into the hacking by Dutch-government appointed Fox-IT consultancy identified 300,000 Iranian Gmail users as the main target of the hack (targeted subsequently using man-in-the-middle attacks), and suspected that the Iranian government was behind the hack. While nobody has been charged with the break-in and compromise of the certificates , cryptographer Bruce Schneier says the attack may have been "either the work of the NSA, or exploited by the NSA." However, this has been disputed, with others saying the NSA had only detected a foreign intelligence service using the fake certificates. The hack has also been claimed by the so-called Comodohacker, allegedly a 21-year-old Iranian student, who also claimed to have hacked four other certificate authorities, including Comodo, a claim found plausible by F-Secure, although not fully explaining how it led to the subsequent "widescale interception of Iranian citizens".
After more than 500 fake DigiNotar certificates were found, major web browser makers reacted by blacklisting all DigiNotar certificates. The scale of the incident was used by some organizations like ENISA and AccessNow.org to call for a deeper reform of HTTPS in order to remove the weakest link possibility that a single compromised CA can affect that many users.