Successful targeted hack?
If Comodohacker really is behind this, his 'manifesto' makes for interesting reading:
"I won't talk so many detail for now, just I wanted to let the world know that ANYTHING you do will have consequences, ANYTHING your country did in past, you have to pay for it [...] I was sure if I issue those certificates for myself from a company, company will be closed and will not be able to issue certs anymore [...] Dutch government's 13 million dollars which paid for DigiNotar will have to go DIRECTLY into trash, it's what I can do from KMs away."
And isn't that pretty much what's happened? Simplistic ideological motivations aside, does this represent the first (known) time that a lone hacker has targeted an organisation with a specific consequential goal in mind, and achieved that goal? I certainly can't think of another one.
As for DigiNotar, if the lack of security and the thing about the 'pr0d@dm1n' password is true they didn't deserve to be operating in the position of trust that they were.