This from the hacker claims more certs are broken into.
"Third: You only heards Comodo (successfully issued 9 certs for me -
thanks by the way-), DigiNotar (successfully generated 500+ code
signing and SSL certs for me -thanks again-), StartCOM (got connection
to HSM, was generating for twitter, google, etc. CEO was lucky enough,
but I have ALL emails, database backups, customer data which I'll
publish all via cryptome in near future), GlobalSign (I have access to
their entire server, got DB backups, their linux / tar gzipped and
downloaded, I even have private key of their OWN globalsign.com
domain, hahahaa).... BUT YOU HAVE TO HEAR SO MUCH MORE! SO MUCH MORE!
At least 3 more, AT LEAST! Wait and see, just wait a little bit like I
said in Comodo case."