2016-08-25: "[https://groups.google.com/d/msg/mozilla.dev.security.policy/k9PBmyLCi8I/vanzaHaZCgAJ For BR auditor, I think this issue is too technical that fewer auditor can find out this problem.]"
[https://groups.google.com/d/msg/mozilla.dev.security.policy/k9PBmyLCi8I/gksYkOTLCwAJ List of crt.sh links to certificates involved] - total 72.Richard Wang [https://groups.google.com/d/msg/mozilla.dev.security.policy/yZaJh0KxFUc/6RYlFFQiDAAJ said]: "We checked our system, the certificates issued related using higher level port website control validation is totally 72 certificates. To be clear, those certificates are validated by website control validation method that using other port except 80 and 443."
2016-09-04: [https://www.wosign.com/report/wosign_incidents_report_09042016.pdf Official incident report].