A group of international security researchers has identified a potential security vulnerability that affects the use of Estonia’s ID cards and digital IDs.
When notified, Estonian authorities immediately took precautionary measures, including closing the public key database, in order to minimise the risk while the situation can be fully assessed and a solution developed.
According to current information, this security risk is still theoretical and no one’s digital identity has been misused. E-residents can continue to access their digital IDs through their digital ID cards. Should the situation change, card holders will be notified immediately.
This issue affects everyone with an Estonian ID card and digital ID issued after 16 October 2014 so the Estonian Prime Minister Jüri Ratas is speaking about this issue today to explain that the digital security of citizens, residents and e-residents will always be a top priority for Estonia.
We will keep e-residents updated on any developments and you can also email us at firstname.lastname@example.org if you have any questions.
We are grateful to the researchers for uncovering this issue and providing us with the opportunity to ensure our digital society can emerge stronger and more secure.