The Pentagon finally confirms the most significant breach of US military computers ever
The Pentagon has finally confirmed a security breach that happened back in 2008 and which one of their top officials has described as “the most significant breach of U.S. military computers ever.” The breach was caused when a foreign intelligence agent used a flash drive to infect US military computers, including those used by the Central Command to oversee combat zones in Iraq and Afghanistan.
The device in question was a cigarette-lighter-sized flash drive which was plugged into an American military laptop from a base in the Middle East amounted to “a digital beachhead, from which data could be transferred to servers under foreign control,” according to William J. Lynn 3d, deputy secretary of defense, quoted by the New York Times
“It was a network administrator’s worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary,” Mr. Lynn wrote. Read more
Montefiore Medical Center: two computer thefts expose well over 23,000 private records
Two recent thefts of desktop computers belonging to the Montefiore Medical Center lead to the exposure of sestive information on patients and students stored by Montefiore’s Finance Department and School Health Program Administrative Offices.
The first incident happened in late May when two desktop computers were stolen from Montefiore’s Finance Department. The theft was discovered a couple of days later. Montefiore assessed the incident and concluded patient information had been stored on the computers, including patient names and medical record numbers. For some patients, the data stored also included social security numbers, dates of birth, hospital admission dates and/or insurer information.
Read more
Lost thumb drive leads to potential data breach
A thumb drive containing personal data of current and past graduate medical education residents and fellows at Cooper University Hospital has recently gone missing. Lost around July 8th, the incident has been reported to the proper authorites a few days later who are now looking into the potential security breach only two weeks later.
According to hospital sources, the lost data includes Social Security numbers, addresses, and phone numbers. As it always happens in such cases, the data was not in anyway encrypted or protected.
The University later released the following statement:
Senior execs love undermining security
When it comes to high-level executives, the rules of the game often change. They are used to ask for exceptions to be made for them, backdoors to be opened and a whole different set of rules to be applied. This is what turns them in one of the biggest threats to corporate security.
According to Jayson Street, CIO and managing partner of Stratagem 1 Solutions, senior executives often circumvent security rules and policies to suit their needs and whims at the expense of security. The negative effect is that the special treatment leads to enabling cybercriminals to easily gain access to corporate networks by impersonating as management personnel. That is why, because of their systems privilege and access rights, they become ideal targets for all those wanting to hack into corporate networks. Read more
Private data of 208,000 at risk after laptop theft
AvMed Health Plans is currently dealing with a prominent data breach after having two company laptops stolen from their corporate offices in Gainesville in early December. The theft could compromise personal information of over 200,000 current and former subscribers, as well as their dependents, said a company announcement quoted by Gainesville.com.
The two laptops contained details such as names, addresses, phone numbers, Social Security numbers and protected health information. Yet the company states that the risk of identity theft is very low, as data was listed in a random way, regardless of the fact that, 12 days after the incident, AvMed discovered the data on one of the two laptops was not properly encrypted.
AvMed states there were no reports of identity theft up to now, but they will only have a clearer view on the situation after their members start registering for identity protection, service provided by the company for free for the next 24 months.
Was there or wasn’t there a loss of data?
A recent DOS attack on an Eugene School District server managed to succeed in breaching their security and access the said computer which contained the names, employee ID numbers and phone numbers of about 2500 current and former employees. While other sensitive information such as security numbers were not stored on the breached machine, the server was connected with others (apparently protected by other security systems as well), that contained private details on a total of 26000 people and vendors.
Luckily all student data are stored on different networks of the Eugene School District, so none of those studying in the region have been affected. The supposed breach seems to have only affected adults.
Yet the safetly of the 26000 different records is in no way guaranteed. There is no proof of further breaching, but there isn’t any to show there was none either. In the mean time, the breach is being investigated, while the school district’s website has been updated with information on the breach.
“A thorough investigation of the security breach has been initiated, police have been notified, and the district has taken measures to further safeguard the involved server,” the district said. “We are continuing to assess our information security systems to make certain that we have all appropriate measures in place to ensure that personal information is secure. We sincerely regret any inconvenience this may cause to our staff and vendors.”
More information here.
Everyone loves stolen data, even the French authorities!
French financial authorities might have just blown away an interesting case against people suspected of tax evasion because they have used stolen data in their investigation. The French had come across a list of 3000 of their nationals suspected of using Swiss banking secrecy to pay less or no taxes. But the list has been handed to them by a former IT worker at HSBC in Switzerland who, as it happens, did not have the bank’s approval to give it to the French…
The Swiss HSBC confirmed one of their employees was suspected of stealing data (in the 2008-2007 interval), but said case only involved a list of 10 accounts. A conviction of sorts isn’t confirmed, but the former IT employee is rumored to have fled to France where he benefits from French protection.
French newspapers quoted by The Register claim that the stolen list actually contained 4000 names of French clients, all of them holding abut 6 billion EUR, of which only a part were actually suspected of tax evasion. More on this case in The Register and The Times.
IDC: Most Insider Leaks are Accidents
When it comes to security breaches leading to data loss, accidents caused by insiders are more frequent and generally do more damage than those caused by insiders with malicious intents, shoes a new study published by industry research firm IDC industry research firm and sponsored bu RSA.
According to a report, 52 % of respondents characterized their insider threat incidents as predominantly accidental, while only 19% believed the threats were deliberate. Another 26 % said their insider issues were an equal combination of accidental and malicious threats.
“One of the things that jumped out at us from the study was how many insider incidents are unintentional,” says Chris Young, senior vice president of RSA products, quoted by Dark Reading. “These are individual actors who often are just trying to do their jobs and don’t understand that what they are doing is dangerous.” Read more
All-time-record hacker pleads guilty
The “I am legend” of the hacking and data theft world, Albert Gonzales, decided to plead guilty and now faces 15 to 25 years in jail. Gonzales is accused of masterminding a hacking circle that stole 130 million credit and debit card numbers from major retail chains such as Barnes and Noble, T.J. Maxx, Sports Authority, and OfficeMax.
According to The Register, Gonzales, who also used to be a government informant, agreed to plead guilty to 19 felony counts in Massachusetts by September 11. He also intends to plead guilty to a New York indictment accusing him of similar crimes that targeted 11 Dave & Buster’s restaurants. And that’s not all!
The deal does not cover a third indictment in New Jersey against Gonzalez related to the alleged theft of data from more than 130 million credit card accounts from card payment processor Heartland Payment Systems and retailers Hannaford Brothers and 7-Eleven.
In what money is concerned, Gonzales will also say goodbye to nearly 1.65 million US dollars in cash, his Miami condominium, a 2006 BMW, laptop computers, three Rolex watches, and then some more!
Mozilla closes shop due to vendor security breach
The Mozilla Foundation takes security breaches very seriously. It immediately closed its online stores after finding out a third-party company that runs one of the sites’ back-end operations had suffered a breach.
The security issues affected GatewayCDI, an SMB with offices in three US cities, which runs the Mozilla Store, the foundation said in a blog post quoted by the Register. There is still no information to confirm whether any customers of the website selling coffee cups, tee-shirts, and other Mozilla promotional goods have been compromised.
“Once notified, we took the immediate preventative step of shutting down the Mozilla Store to ensure that no additional users could be compromised,” Mozilla representatives wrote. “Mozilla immediately reached out to GatewayCDI and encouraged them to quickly inform individuals whose data had been compromised.”
Mozilla also stated they were undergoing a thorough analysis of their systems to determine the cause and extent of the breach. Additionally, GatewayCDI will make sure to contact directly any Mozilla Store customers who may have been affected by this blurry breach.
According to the same Register article, Mozilla also closed down its International Mozilla Store, although it wasn’t run by GatewayCDI. Both stores displayed a message saying “closed for maintenance.”
