Dutch PKI provider's web site security breach under investigation
The web site of Gemnet, subsidiary of KPN and provider of PKI certificates to the Dutch government, succumbed to a hacker's attack according to Webwereld reportsDutch language link. It appears that the attackers gained access to a database on the server managed by a PHPMyAdmin instance which was not protected by a password.
The attacker then used this web access to get to the database without a password. The company was informed that it was leaking information on Wednesday night and has been taken off the air by parent company KPN, who then launched an investigation.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump