[nirv]

Also some highlights from the same source:

"Theoretically, an ID-card can be used for person identification and digital signing - without having a card and not knowing PIN-codes. It is not enough to know public keys to crack the ID-card, an attacker would also need a lot of processing power to compute the private key and special software to put a digital signature."

"In October 2014 ID-cards began to use a brand new faster chips, which are based on new technology and therefore more secure. That new chip has received French and German safety certificates, which confirm the compliance of the chip with safety requirements. The same chip is currently used in several other countries, as well as on payment cards and business certificates. The vulnerability risk arose due to the combination of chip operation and software."

"We took a number of steps to minimize risks: closed the ID-card public key database, our experts analyze the situation and are looking for a solution to restore the highest security level."