13 August 2014

Data Breach Bulletin: Anonymous Launches Cyber Attack on Israeli Websites



Here’s a roundup of the latest data breach news for the week of August 4, 2014:

CyberVor – If you follow security news, the announcement that a Russian cyber gang allegedly stole 1.2 billion passwords was arguably the biggest story of the week. Last Tuesday, the New York Times broke the news that Wisconsin-based Hold Security had discovered that a Russian hacker group they dubbed CyberVor had amassed a staggering 1.2 billion user names and passwords, believed to be the biggest data breach to date. Little detail was provided beyond that, leaving readers in the dark about who was affected and how exactly the hackers had collected such a large number of passwords. As the news of the heist broke, Hold Security made the oh-so generous offer to let site owners know if they were affected by CyberVor for a mere $120 per month, and then removed the page after Wall Street Journal reporter Danny Yadron tweeted a link to it (it’s back now). Security blogger Brian Krebs wrote a post backing Hold Security but didn’t originally disclose that he is on the company’s advisory board. Buried under the speculation about who got hit (i.e., everyone) and criticism of Hold and its “offer” were some sober discussions about the role of passwords in society. Speaking of which, it’s not a bad idea to change your passwords (it’s really never a bad idea to update your passwords).

U.S. Investigations Services – You don’t exactly want to see the company that does your background checks getting hacked but, last week, U.S. Investigations Services—an organization contracted by the Department of Homeland Security to do background checks—revealed that it had been hit with a breach that “had all the markings of a state-sponsored attack.” After discovering the breach, USIS notified federal authorities and announced the breach in a news release on their website. The DHS has stopped doing work with USIS since the breach, and the FBI has launched an investigation. At this point, it’s still unknown how many employees were impacted and what information was stolen. The DHS encrypts the personal data it sends to USIS, which is a positive sign, but it’s unclear if the data remains encrypted once it’s in USIS’s hands. Fun fact: USIS had previously performed background checks on Edward Snowden.

Mossad and IDF – Anonymous strikes again, this time launching a cyberwar against the Israeli government, the International Business Timesreports. The attacks, announced on one of Anonymous’ twitter accounts, are believed to be partially in retaliation for the killing of Tayeb Abu Shehada, 22, who was shot by an Israeli soldier while wearing a Guy Fawkes mask, a symbol associated with the hacktivist organization. The attacks are part of a larger campaign called #OpSaveGaza, targeting many Israeli websites in the past weeks. Anonymous claims that more than 100 websites were taken offline in the attacks, including sites belonging to Mossad and the Israel Defense Force. Israel claims the effects of the attacks on their websites have been limited.

Weber State University – More than 1,000 students, faculty, and staff at Weber State University in Utah may have had their personal information breached, the university announcedlast week. A Weber State student allegedly broke into the school’s science lab building and another building, gaining access to students and staff’s personal information as well as exam materials on lab computers. On July 29, police arrested the student allegedly responsible for the breach. Almost a week later on August 4, the college began mailing letters to 1,200 staff and students affected by the breach. The school is offering credit checks to anyone who used the science lab computers between January and April 2014, and those receiving letters are advised to change their passwords.

Wireless Emporium – Wireless Emporium, an online marketplace for cellphone accessories, begannotifying customers last week that their data may have been breached thanks to malware installed on the website’s computer server. On July 1, Wireless Emporium discovered that hackers had installed malware and stolen customer credit card data. Wireless Emporium is sending letters to customers who made purchases between their website between December 24, 2013, and January 19, 2014—the dates it believes its website was compromised. Wireless Emporium has launched an investigation and has taken security measures, including installing a new firewall and updated website code.

San Mateo Medical Center – After recently hiring an employee who failed to disclose a prior conviction for identity theft, a California medical center isnotifying current and former employees that this new employee had access to their personal information. When the employee’s past history was discovered, the employee was immediately fired, and San Mateo Medical Center started an investigation, which included searching the employee’s computer records. The investigation has not uncovered any evidence of foul play, but SMMC is warning employees that the employee had access to their names, contact information, Social Security numbers, and dates of birth. All those receiving the letter are being offered three free years of identity theft protection. Moral: If you want to rehabilitate your reputation as an identity thief, it’s best to take a job somewhere besides a payroll department.

No comments: