31 December 2009 - Indiana Fugitive Found Through Online Game
The Howard County, Indiana Sheriff's Department found a fugitive from justice through his penchant for playing the online game World of Warcraft (WoW). Alfred Hightower had fled to Canada to evade a warrant issued for his arrest in 2007. After learning that Hightower is an avid WoW player, Deputy Matt Roberson sent a subpoena to Blizzard Entertainment in Canada, seeking information that would help his office locate Hightower. Because the company is Canadian and Roberson had no jurisdiction there, he did not expect anything to come of it, but several months later, he received data from the company that included Hightower's IP address, account information and history, billing address and online screen name. The information was enough to find Hightower and have him deported to the US, where he is expected to face the 2007 charges. http://kokomoperspective.com/news/local_news/article_15a0a546-f574-11de-ab22-001cc4c03286.html
30 December 2009 - McAfee Report Predicts Top Threats and Trends for 2010
According to McAfee's 2010 Threat Predictions Report, Adobe Reader and Adobe Flash will be the top targets for malware writers in 2010. Users are not always aware that the applications need updating, and the updates themselves can prove complicated to apply. The report also predicts that the severity of attacks against social networking sites will increase and that Trojans designed to steal banking information will become more sophisticated and harder to detect.
28 December 2009 - Chinese Matchmaking Site Data Stolen
A former board member of a Chinese matchmaking website is accused of stealing applicant information and trying to sell it to other companies. In all, about 16,000 people who registered with the site are affected by the alleged data theft. The unnamed individual took the data from the company before he resigned in mid-2006.
24 December 2009 - GAO Report Points Fingers in Nuclear Site Document Leak
A report from the Government Accountability Office (GAO) faults five government agencies, two congressional offices and the National Security Council for the leak of information about hundreds of US civilian nuclear facilities. The document was published on the Government Printing Office website in June and remained visible for about one day. The document was intended for the International Atomic Energy Agency (IAEA). Some of the confusion stemmed from the document's classification with an IAEA term that is not recognized in the US. NSC did not provide specific instructions for handling the document once delivered to the White House clerk's office.
23 December 2009 - MBNA Customer Credit Card Data on Stolen Laptop
MBNA is notifying thousands of customers that a laptop stolen from NCO Europe offices contains their credit card information. NCO Europe is a third-party contractor. Although the files do contain personal information, no PINs are believed to be included. While no fraudulent activity has been detected on the compromised accounts, MBNA is offering affected customers one year of credit monitoring service and is monitoring all compromised accounts.
22 December 2009 - Former Asst. DA Draws Probation for Unauthorized Access to Information
A Louisiana man has been sentenced to two years of probation and ordered to pay a US $3,000 fine for unauthorized access to information by use of a computer. Perry Booth was employed as an Assistant District Attorney for Jefferson Parish, Louisiana when he noted the license plate of an individual involved in a near miss traffic incident. Booth asked an investigator in the DA's office to access a confidential law enforcement database to find out the person's identity. He then sent that person a threatening letter referring to the traffic incident. http://neworleans.fbi.gov/dojpressrel/pressrel09/no122209.htm
21 December 2009 - Possible Prison Time for Sending Spyware
An Ohio man could face time in prison for sending spyware to a woman's computer. Scott Graham sent the spyware surreptitiously as an email attachment; the recipient opened the mail on two computers at her workplace: Akron Children's Hospital. The software harvested confidential medical procedure and financial information. The spyware was discovered because it was slowing down the hospital's computer system. The software is legal to use on computers owned by the person who purchases it. Graham has pleaded guilty to one felony charge of intercepting electronic communications.
17 December 2009 - Eleven Sentenced to Jail For Stealing Online Gaming Account Credentials
Chinese authorities have jailed 11 people for their roles in a scheme that aimed to steal online gaming login credentials. The group used Trojan horse programs to steal the information from five million profiles. They then sold game artifacts they accessed through the accounts, making a total of 30 million yuan (US $4.4 million). The eleven people received sentences of up to three years; the group was also fined a total of US $120,000. Dozens more people involved in the scheme are expected to be sentenced soon.
17 December 2009 - Conficker on 6.5 Million Machines Worldwide
According to information from Shadowserver, one in seven computers infected with Conficker are hosted on Chinese Internet service provider (ISP) Chinanet. The ISP's infected machines account for 14 percent of all known infected machines, but make up just one percent of the company's network. Other ISPs have infection rates as high as 25 percent. Conficker has infected an estimated 6.5 million computers around the world.
16 December 2009 - Stolen Laptop Holds Military and DoD Employee Information
A laptop computer stolen from the home of a Fort Belvoir Family and Morale, Welfare and Recreation Command contains personally identifiable information of more than 42,000 US Army soldiers, US Department of Defense employees and their families. The theft occurred on November 28. The Command learned of the theft on December 1. Affected individuals will be notified of the security breach by letter.
16 December 2009 - House Ethics Committee Data Leak Prompts Security Policy Changes
US House of Representatives chief administrative officer Daniel P. Beard has recommended that legislative aides undergo new cyber security training and that the legislature take additional steps to protect sensitive data. The recommendations are the result of a six-week review prompted by the inadvertent leak of an Ethics Committee document. The new security policies will be clear in their insistence that all House data remain on House equipment, that the data must be encrypted when they are stored on mobile devices and that they cannot be sent over any public system. Beard is also seeking to implement a requirement that the House's wireless Internet service be password protected. In addition, legislative employees who travel out of the country will have their wireless devices, including laptops, checked both before and after trips.
15 December 2009 - Minnesota Public Radio and Reporter May Face Legal Action Over Data Access
A Texas company is threatening to take legal action against Minnesota Public Radio (MPR) and one of its reporters after they aired a story about security problems at the company that exposed sensitive personal information. Lookout Services, which allows its customers to verify the identities of potential employees, maintains that MPR and Sasha Aslanian broke the law when they accessed databases containing information for five Lookout customers, compromising the personal information of 500 people. Lookout acknowledges that its website was misconfigured in such a way as to allow unauthorized users to view customer information.
14 December 2009 - Stolen Swiss Bank Data Used in French Tax Evasion Investigation
Some of the data used by French authorities in tax evasion investigations appears to have been leaked by a former employee of HSBC Private Bank in Switzerland. Initially it was believed the man had provided French authorities with information on about 10 accounts, but that number is now believed to be much higher. The data were stolen about three years ago and a criminal complaint was filed in 2008. The man allegedly gave the information to the French government, but was not paid for it. He is reportedly under judicial protection in France.
27 November 2009 - Pub Sued for Patron's Illegal Downloading on Wi-Fi Hotspot
In a case believed to be the first of its kind, a UK pub has been fined GBP 8,000 (US $13,000) because someone used its Wi-Fi hotspot to download copyrighted content. If the UK's Digital Economy Bill goes into effect, similar cases could conceivably be prevented. That bill defines Wi-Fi hotspots as "public communications services," and says that users are responsible for the activity on the connection, not the connection's provider. The bill is proving controversial, as it would require Internet service providers (ISPs) to monitor customers' use of their networks.
23 November 2009 - Pump-and-Dump Spammers Sentenced to Prison
A US District judge in Detroit today handed down prison sentences ranging from 32 months to 51 months to four men involved in a spamming stock fraud scheme. Alan M. Ralsky and his co-conspirators, Scott Bradley, How Wai John Hui, and John S. Brown orchestrated a pump-and-dump scheme in which they manipulated stock prices by sending out fraudulent emails. The scheme reportedly netted US $2.7 million.
23 November 2009 - iPhone Worm Steals Banking Data, Enlists Devices in Botnet
A worm targeting jailbroken iPhones is designed to steal online banking login credentials. (A jailbroken iPhone is one that has been altered so that it can run applications that have not been approved by Apple.) This worm changes the iPhones' root password and then connects to a command-and-control server in Lithuania to download additional files and data and to send back stolen information. iPhones infected with the worm also become part of a botnet. http://blogs.usatoday.com/technologylive/2009/11/worm-turns-iphones-into-bots.html
21 November 2009 - Accident Victim Data Leaked From Las Vegas Hospital
The FBI is looking into an alleged breach of privacy law at University Medical Center in Las Vegas, Nevada. Officials have recently learned that an employee allegedly leaked confidential patient data, including Social Security numbers (SSNs), billing data and descriptions of injuries. One news report alleges that the information has been sold. The breach could be a violation of the Health Insurance Portability and Accountability Act (HIPAA).
11 November 2009 - For One-Third of US Government Agencies, Security Incidents Are a Daily Occurrence
A CDW-Government survey of 300 US government IT professionals found that 44 percent of agencies noted an increase in the number of security incidents over last year. Thirty-one percent of respondents said their agencies experienced at least one cyber security incident every day. The top areas of concern reported by respondents were malware, inappropriate employee activity or network use, managing access for approved remote users, and data encryption. http://www.govinfosecurity.com/articles.php?art_id=1931
10 November 2009 - Indian Outsourcer Arrested for Selling British Patients' Medical Files
Police in India have arrested the chief of an outsourcing company for allegedly selling British patients' medical records. Vikas Dhairyashil Bansode and his accomplices claimed to have obtained the data from IT companies in India that were hired to computerize medical records. According to the UK's Data Protection Act, it is illegal to send this sort of information outside the country unless its security can be guaranteed. The compromised information includes addresses, dates of birth and details of medical conditions. The police began to investigate Bansode and his accomplices following a documentary that aired in October in which the filmmakers posed as individuals who wanted to buy medical information so they could market health-related products pertinent to the individuals' situations.
10 November 2009 - Bank Fraud Linked to Stolen Employee Data
A data security breach of a server at the Vancouver (Washington) School District exposed employee information, including Social Security numbers (SSNs) and bank account information of employees who use direct payroll deposit. The district superintendent is urging all employees to let their financial institutions know about the breach so they can be monitored for suspicious activity and to contact credit reporting agencies to place fraud alerts on their accounts. The district notified all area banks about the breach as soon as they learned of it. Several employees say that their banks alerted them to suspicious account activity following the breach.
2 November 2009 - Facebook Awarded US $711 Million in Damages in Spam Case
A California court has awarded Facebook US $711 million in damages for spam sent through its network. Sanford Wallace accessed Facebook accounts without authorization and used them to send spam to other Facebook users. Wallace has been ordered to pay the damages, but as he has declared bankruptcy, it is unlikely that Facebook will see much of the money. In May 2008, Wallace and a business associate were ordered to pay US $223 million in damages for a similar spam campaign that targeted MySpace users.
10 July 2009 - Study Finds Companies Lacking Disaster Recovery Plans
A study of 117 small and medium-sized Irish businesses found that 43 percent have not established disaster recovery plans. Of those, more than half say they do not plan to create one. Sixteen percent said their organizations were too small to merit a disaster recovery plan, while 12 percent said that implementing such a plan would be too expensive. All companies surveyed said they use backup technology. Sixteen percent of the companies said they store their backup media onsite; 26 percent said their backup storage facilities are not fireproof. Thirty-nine percent of the companies said they had experienced problems retrieving and restoring data from backup media; 31 percent of the companies have never conducted a test restore.
7 July 2009 - British Secret Service Chief's Wife Exposes Family Safety on Facebook
The incoming British Secret Service chief found himself in a pickle this weekend, after newspapers reported that his wife had left her Facebook account open for millions of people to view - including family photos and details of the family flat.
6 July 2009 - Twitter Increasingly Used for Questionable Purposes
Twitter is being used increasingly as a vector of attack, owing to the ease with which accounts are obtainable. For the time being, Twitter is being used to redirect users to sites that are selling typical spam items - pornography, pharmaceuticals, and phony anti-virus subscription. Of particular concern is Twitter's use of shortened URLs, which can disguise the site to which a user is being taken.
5 July 2009 - Bord Gais Data Breach Affects more Than 100,000 Customers
The laptop stolen from a Bord Gais office in Dublin affects more customers than was first believed. According to a report from the Data Protection Commissioner, the security breach affects the personal information of more than 100,000 customers; when the incident was first disclosed, the number of affected customers was estimated to be 75,000. In all, four laptops were stolen in early June; at least one contained unencrypted data, including bank account information, of people who had switched to the Bord Gais electricity supply service in recent months.
5 July 2009 - MI6 Chief's Information Exposed on Wife's Facebook Page
Personal information about Sir John Sawers posted on his wife's Facebook account does not constitute a security breach, according to Foreign Secretary David Miliband. Sir Sawers is poised to assume his new role as head of MI6 in November. Lady Sawers's Facebook page was protected by lax security measures; any Facebook member in the London network could view photographs of her family and information about the location of their London home, the whereabouts of their children, and information about their friends and relatives. The content has been removed from the Internet.
1 July 2009 - Hospital Security Guard Broke Into Facility Computers - Planned Attack
A security guard at a Dallas, Texas hospital has been arrested for allegedly plotting a distributed denial-of-service (DDoS) attack that was to be launched on July 4. Jesse William McGraw allegedly broke into computers at the hospital where he worked and installed malware to aid the planned attack. The compromised computers include those that control the facility's heating, ventilation and air conditioning (HVAC) system and several PCs that contained patient information. McGraw allegedly posted pictures and videos of his activity to the Internet, seeking help with the planned attack.
25 June 2009 - Man Arrested for Stealing and Selling Client Data
Police in Tokyo have arrested Hideaki Kubo, a former Mitsubishi UFJ Securities Co. manager who is suspected of stealing customer data. The suspect is believed to have accessed the data without authorization and to have copied information pertaining to approximately 1.5 million customers. Kubo allegedly sold some of the data to mailing list companies for 320,000 yen (US $3,335). The company has received complaints from more than 15,000 customers. In a related matter, Japan's Financial Services Agency has issued a business improvement order against the company, alleging problematic information management.
24 June 2009 - Stolen Laptop Holds Cornell University Staff and Student Data
Cornell University in Ithaca, NY has notified approximately 45,000 current and former staff members, students and their dependents that a stolen laptop computer contains their unencrypted, personally identifiable information. The compromised data include names and SSNs. The theft occurred earlier this month; affected individuals were notified by email earlier this week. The data in the computer were "being used for troubleshooting." The theft is being investigated by New York State Police.
24 June 2009 - Hard Drive Purchased in Ghana Contains US Military Contractor Data
Canadian journalism students bought a hard drive for US $40 at a market in Ghana, only to discover that it contained unencrypted information about contracts between military contractor Northrop Grumman and the Pentagon. The students were researching electronic waste. Northrop Grumman said it believes "this hard drive was stolen after one of our asset-disposal vendors took possession of the unit." It is not unusual for outdated computers and other electronic equipment to be shipped to developing countries.
21 June 2009 - Just Half of Small Businesses Backup Daily
According to a survey of 945 IT managers at companies in Hong Kong, Singapore and Australia, 36 percent of respondents said they believed data loss had a significant effect on their business, but just seven percent of the respondents rated the impact of data loss as "high." Nearly half of the managers said their organizations had experienced data loss within the last two years. Among respondents at small businesses, those with 50 or fewer employees, 49 percent said they do not back up their data daily, and just 45 percent of those same respondents said their companies had formal data retention policies.
20 June 2009 - So you want a job? Just hand over your passwords.
The City of Bozeman in Montana found itself in the media spotlight last week after it was revealed that it had been insisting job seekers must not only reveal if they have accounts with the likes of Facebook, MySpace, Yahoo, Google and YouTube, but must also hand over their user ids and passwords. Discover why that is such a bad idea, and how the city eventually saw sense.
17 June 2009 - Stolen Bord Gais Laptop Contains Sensitive Customer Information
One of four laptop computers stolen from the offices of Irish gas and electricity company Bord Gais contains unencrypted, personally identifiable information of 75,000 Bord Gais customers. The compromised information includes bank data and affects customers who participated in the Bord Gais "Big Switch" electricity campaign. The computers were stolen on June 5, 2009; police and the Irish Data Protection Commissioner were notified immediately. Customers affected by the data security breach will be contacted in the next few weeks. All company machines are now encrypted.
11 June 2009 - Survey: Admins Exploit Privileges to Access Sensitive Data
A survey of 400 IT administrators found that more than one-third abuse their administrative rights to access sensitive information about employees, customers and their companies for personal use. The information accessed includes salary data and board meeting minutes. The survey also found that the percentage of administrators who would take proprietary information with them if they left their present positions increased significantly over last year's figures; six times as many respondents said they would take financial information if they left their firms; four times as many said they would take executives' passwords and R&D plans.
11 June 2009 - Illinois State Agency Missing 52 Computers
Reports from Illinois state auditors indicate that the Department of Financial and Professional Regulation cannot account for 52 computers. The department is responsible for regulating the banking and insurance industries as well as several professions, including accounting, medicine, and engineering. The agency cannot say if the missing computers held confidential information. The machines may have been transferred to other agencies, but there are no records indicating such transfers. http://www.sj-r.com/archive/x986607995/Audit-52-computers-missing-from-state-agency
10 June 2009 - Survey Shows Losing Internet Connection is Strong Motivation to Stop Piracy
Just 33 percent of people who receive warning letters would stop downloading content in violation of copyright law, according to the results of a survey from media law firm Wiggin. However, 80 percent of the respondents said they would stop pirating digital content if they thought their Internet connections would be cut off. The UK's Strategic Advisory Board for Intellectual Property estimates that seven million Internet users in the UK use filesharing networks once a week to pirate content. The UK government is expected to publish a report next week that will include "recommendations that ISPs investigate 'technical solutions' to piracy, which could involve slowing down connection speeds." The survey also found that people would be willing to pay more for various levels of content services through their ISPs.
3 June 2009 - Phishers Target Outlook Users
Reports are emerging of a phishing attack that targets Microsoft Outlook users. The scam messages are spoofed so they appear to come from Microsoft, and ask users to reconfigure Outlook on their computers; the provided link requests user names, passwords and mail server information. The data give the phishers full access to users' accounts, so they can read email messages and use the account of which they gained control to send spam.
1 June 2009 - Twitter Scareware Attack
A scareware scam is spreading through Twitter. A message reading "Best Video" contains a link that, if clicked, leads users to a site that attempts to download phony security software known as scareware onto their computers. Once a machine is infected, the malware tells users that certain programs cannot be run because they are infected and offers several different packages at varying prices for software that will "clean" their computers of the infection.
29 May 2009 - Former Employee Arrested in Connection With Cyber Intrusion
FBI agents arrested Dong Chul Shin, a former Texas power company employee who is a suspect in a computer intrusion at his former employer's network. The intrusion hobbled an energy forecast system at Energy Future Holdings; the intrusion did not pose a threat to power availability, but did cost the company US $26,000. Dong was fired from the company on March 3, 2009, but his VPN access was not immediately terminated. Later that same day, Dong's account was used to access the corporate network and email proprietary data to a Yahoo account believed to belong to Dong. According to logs, the VPN connection came from Dong's home. http://www.wired.com/threatlevel/2009/05/efh/
25 May 2009 - Blackmail fear after sensitive information on RAF officers lost
Highly personal information about senior officers of the Royal Air Force (RAF) - including details of extra-marital affairs, debt, drug abuse, and the use of prostitutes - is alleged to be amongst the data lost from a base in Innsworth, Gloucestershire. Discover more, and how encryption could have helped keep the information confidential. http://www.sophos.com/blogs/gc/g/2009/05/25/fear-blackmail
24 May 2009 - Missing Hard Drives Also Contain Sensitive Personal Information of RAF Personnel
A memo obtained through Britain's Freedom of Information legislation reveals that three hard drives reported missing from an RAF facility in September 2008 contained more than banking information, as was initially reported. The drives, which were not encrypted, also contain sensitive personal information about approximately 500 staff regarding criminal convictions, extramarital affairs, and drug use. There is concern that the information could be used to blackmail those involved.
24 May 2009 - NHS Had 140 Data Security Breaches in First Four Months of 2009
The UK Department of Health said that 140 data security breaches were reported by NHS in the first four months of this year alone. The breaches included lost and stolen laptop computers, lost memory sticks, and passwords taped to encrypted disks. Fourteen NHS bodies have faced Information Commissioner action because of the data breaches.
1 May 2009 - Former IT Admin Admits to Deleting Organ Donation Data
A former IT administrator at an organ and tissue donor bank has admitted to breaking into the organization's computer network and deleting data. Danielle Duann has pleaded guilty to felony computer intrusion for accessing the LifeGift computer network from a laptop computer at her home in November 2005 just days after she learned she had lost her job; she deleted organ donation database records and other information. She will pay US $94,200 in restitution and faces 10 years in prison and a US $250,000 fine when she is sentenced this summer. Duann's activity was detected by a third-party company that provided backup services for LifeGift.
20 April 2009 - MySpace Employee Stole Co-Workers' Personal Information
A MySpace employee allegedly stole personal information, including Social Security numbers (SSNs), of his co-workers. The individual has been identified and fired, but MySpace headquarters remained closed last Thursday; employees were instructed to work from home. The reason given was that MySpace needed to conduct analysis of its computer systems "to reduce the possibility of any future breaches." Employees were notified of the breach and assured that the compromised data do not include bank account or medical information. http://www.siliconrepublic.com/news/article/12780/digital-life/myspace-insider-data-breach-leads-to-hq-shutdown
17 April 2009 - Guilty Plea in Pirated Software Case
Gregory William Fair has pleaded guilty to charges of criminal copyright infringement and mail fraud stemming from the sale of pirated software on eBay. Fair sold counterfeit copies of Adobe software through the online auction site using multiple user IDs; the retail market value of the products he sold is estimated to be US $1 million. Fair will forfeit his earnings from the transactions. Fair faces up to 20 years in prison and a fine of up to US $500,000; his sentencing is scheduled for July 8.
15 April 2009 - Trojan in Pirated Mac Software Helped Create First Mac Botnet
Malware embedded in pirated versions of Apple's iWork and Adobe Photoshop CS4 for Mac that were available over a peer-to-peer network in January is responsible for what appears to be the first known Mac botnet. The zombie network attempted to launch a distributed denial-of-service (DDoS) attack against an unidentified website. The malware had spread to several thousand computers before it was identified.
13 April 2009 - Missing Laptop Holds Sensitive Ministry of Defence Information
The UK Ministry of Defence (MoD) has admitted that a laptop computer containing sensitive SAS (Special Air Service) information is missing. The unclassified data include names of SAS soldiers as well as information about the Signals Regiment's training exercises; MoD said it does not hold information about missions. The data on the computer were not encrypted.
13 April 2009 - NC Hospital Patient Data on Computer Stolen in Georgia
Officials at Moses Cone Health System in Greensboro, NC have begun notifying more than 14,000 patients that their personal information was on a laptop computer stolen while in the possession of consulting firm VHA. The computer was stolen on March 9 from the vehicle of a VHA employee in Georgia. The hospital learned of the theft four days later, but waited until this week to make the theft public. VHA had the information on the computer because it was conducting analysis to help the hospital improve patient care and reduce costs. The data were not encrypted. The theft affects cardiology and orthopedic patients treated at Moses Cone Memorial Hospital or Wesley Long Community Hospital between February 2004 and February 2009. The data include confidential patient information and some Social Security numbers (SSNs).
7 April 2009 - Stolen Laptop Contains Commercial Driver's License Holder Data
A laptop computer stolen from a state office building in Kapolei, Oahu, Hawaii contains personally identifiable information of nearly 1,900 state commercial driver's license holders. The compromised information includes names, addresses and Social Security numbers (SSNs). The computer was stolen on March 18, although the drivers were not notified until April 6.
30 March 2009 - Romanian National Sentenced to 50 Months for Phishing Scheme
A Romanian man has been sentenced to 50 months in prison for his role in a phishing scheme. A January 2008 indictment alleged that Ovidio-Ionut Nicola-Roman and six accomplices ran the phishing scheme that tricked users into providing their payment card and other financial information; Nicola-Roman pleaded guilty to one felony count of conspiracy to commit fraud in July 2008. The group then allegedly used the information to make fraudulent withdrawals from the users' accounts or buy items with their debit card numbers. Nicola-Roman was apprehended on an Interpol warrant in Bulgaria in 2007 and was extradited to the US in November 2007. http://www.theregister.co.uk/2009/03/30/romainian_phisher_sentenced/
30 March 2009 - Former IRS Employee Charged With Unauthorized Computer Access
Former US Internal Revenue Service (IRS) contract employee Andrea Bennett has been charged with illegally accessing IRS computers and filing false claims. Bennett allegedly accessed the IRS's Integrated Data Retrieval System 285 times to view tax accounts of a dozen individuals and prepare six fraudulent tax returns. Bennett allegedly received more than US $13,000 in refunds from the fraudulent returns. The people who had false claims filed in their names were unaware of her activity. If convicted, Bennett could face 10 years in prison and a US $500,000 fine. A spokesperson for the Treasury Inspector General for Tax Administration (TIGTA) declined to comment, as the investigation is ongoing.
27 March 2009 - Man Arrested, Charged with Stealing Trade Secret
David Yen Lee, a naturalized US citizen, has been arrested by federal agents in Arlington Heights, IL, and charged with theft of a trade secret. Lee was employed as Technical Director of New Product Development at Valspar, a paint and industrial coating manufacturer, until he abruptly resigned from his job earlier this month. Lee surrendered his company laptop and Blackberry when he resigned. An examination of the computer found that all the temporary files had been deleted, suggesting that the computer's history had been cleared; investigators also discovered a hidden file containing unauthorized software, including a copying program. The examination also revealed that 44 gigabytes of data had been downloaded to the computer; the data included Valspar trade secrets. Agents found a thumb drive in Lee's home that contained paint formula trade secrets that were not related to Lee's work projects. The thumb drive was discovered in a packed bag; Lee had purchased a one-way ticket to China.
23 March 2009 - Symantec Study Shows Most Companies Have Experienced Loss
Research from Symantec shows that 98 percent of the 1,000 IT managers from companies in the US and Europe said their companies experienced tangible loss from a cyber attack of some sort over the last two years. Forty-six percent of respondents said that cyber attacks resulted in downtime for their companies; 31 percent said customer and/or employee data were stolen; and 25 percent said corporate data were taken.
Three-quarters of the European respondents said their companies are outsourcing some portion of their security operations.
16 March 2009 - Iowa Company Agrees to Pay Undisclosed Sum For Unlicensed Software Use
An Iowa company has agreed to pay the Software & Information Industry Association a six-figure settlement for using copies of software without valid licenses. Creative Edge Master Shop in Fairfield and an affiliate, Flex kits, admitted to using unlicensed copies of software from Adobe, Apple, Symantec and other companies; Creative Edge has agreed to implement internal controls to ensure that only properly licensed software is used. The amount of the settlement was not disclosed.
14 March 2009 - Man Who Deleted Australian Government Computer Accounts to be Sentenced
David Anthony McIntosh, a former IT consultant for the government in Australia's Northern Territories, will be sentenced this week for damage he caused to a government computer system. McIntosh maintains he was drunk and upset over a broken engagement when he broke into the system a month after leaving his position. McIntosh deleted more than 10,000 Health Department, hospital, prison and Supreme Court employee user accounts, causing AU $1.2 million (US $793,000) in damages. In January, McIntosh pleaded guilty in court to unlawfully accessing and modifying data. He has written a letter of apology to the court and plans to pursue another line of work when he completes his prison term.
14 March 2009 - Finnish President Ratifies Law Allowing Employers to Monitor Employees' eMail Activity
A newly ratified law in Finland allows employers to monitor employees' email messages when they suspect misconduct. Employers would not be permitted to read the content of messages, but would be permitted to monitor the sizes of attachments and to whom they were being sent. The law also allows schools, libraries and telecommunications operators to snoop on users' activity. The law has met with harsh criticism from legal experts and privacy rights groups. The bill passed Parliament earlier this month by a vote of 96-56; the president ratified it on March 13. http://www.ioltechnology.co.za/article_page.php?iSectionId=2883&iArticleId=4889373
9 March 2009 - Lost Memory Stick Holds Police Investigation Data
A memory stick containing unencrypted details about hundreds of Scottish police investigations is missing. The device was lost at the end of last year at Lothian and Borders Police headquarters. The memory stick is believed to have been in the process of being moved within a secure area when it was lost, but the incident serves to demonstrate the need to encrypt sensitive data at all times. http://www.scmagazineuk.com/Unencrypted-police-memory-stick-lost/article/128429/
7 March 2009 - Swedish Police Seize Server in Illegal Filesharing Bust
Police in Brandbergen, Sweden, near Stockholm, raided an apartment and seized a server containing 65 terabytes of allegedly pirated files. The raid was part of an effort to crack down on illegal filesharing. Sixty-five terabytes translates to approximately 16,000 full-length films. The raid was conducted on February 9 but made public only last week. The equipment's alleged owner has been questioned and released, but remains the subject of an investigation. http://www.msnbc.msn.com/id/29566891/
2 March 2009 - Detective's "Photos" Prove to be Malicious Trojan
A malicious email campaign claims to contain "interesting photos" from a private detective, but really carries a dangerous Trojan horse.
27 February 2009 - Surveys Find Employees Stealing Data to Help Economic Prospects
A Cyber-Ark Software survey of 600 office workers in London, New York and Amsterdam found that theft of proprietary information is on the rise; many of the thieves are not outsiders, but insiders concerned about losing their jobs. A study from Symark found that 40 percent of companies do not know whether employees' user accounts remain active after the employee no longer works for the company. According to UK Director of Cyber-Ark Mark Fullbrook, cyber criminals feel they are reaping benefits from the current economic crisis. Reductions in budgets have led to increased outsourcing and decreased focus on security.
25 February 2009 - Phishing Scheme Spreads Through IM Services
Phishers have been targeting people who use Internet chat services with an attack aimed at stealing account login information. The attack comes in the form of instant messages asking recipients to click on a TinyURL link to watch a video. The link leads users to a site that asks for login credentials. The messages appear to come from trusted friends. Users of Gmail, Yahoo, Microsoft and MySpace instant messaging programs have reportedly received the phony messages.
23 February 2009 - Rogue Facebook application bombards users with bogus messages
Sophos has issued a warning about a third-party Facebook application that has been spreading in a "viral" manner via the social network. The "Error Check System" application sends misleading notifications to users' friends and family telling them there is a problem with their profile, in an attempt to gain more users. Learn more about the threat, and make sure that your users are taking care over what they do on Facebook.
23 February 2009 - More Than Half of Former Employees Took Company Data
The Ponemon Institute interviewed 945 US adults who had been laid off, fired, or changed jobs within the last year and found that more than half took company information with them when they left their former positions. The rationales for taking the data included help getting another job, help starting their own business, or simple revenge. All of the participants in the survey had access to proprietary information, including customer data, employee information, financial reports, software tools and confidential business documents. The survey also found that just 15 percent of the companies examined the paper and/or electronic documents their former employees took with them when they left.
23 February 2009 - Starbucks Facing Lawsuit Over Laptop Theft
A Starbucks employee has filed a class action lawsuit against the company in response to a data security breach that occurred in October 2008. A laptop containing the names, addresses and Social Security numbers (SSNs) of approximately 97,000 Starbucks employees was stolen last fall; the suit alleges fraud and negligence, and seeks an extension of the one year of credit monitoring the company offered as well as unspecified damages and assurances that Starbucks will be required to undergo regular third-party security audits. http://www.networkworld.com/news/2009/022309-starbucks-sued-after-laptop-data.html
20 February 2009 - Proposed Legislation Would Require Retention of Internet Use Data for Two Years
US legislators have introduced a bill that would require extensive logging of Internet use. The proposed legislation aims to help police with investigations. All ISPs and wireless access point operators would be required to retain logs of users' activity for a minimum of two years. The law would apply not only to large ISPs, but also to private homes that have wireless access points or wired routers that use the Dynamic Host Configuration Protocol as well as small businesses, libraries, schools and government agencies.
12 February 2009 - Number of Banks Affected By Heartland Breach: 160 and Growing
According to the Bank Information Security website, nearly 160 financial institutions have acknowledged that they were affected by the Heartland Payment Systems data security breach. Banks in 40 US states as well as in Canada, Bermuda and Guam have reported that some of their customers' cards were exposed. It is not known how many card accounts were compromised; Heartland says it processes 100 million transactions a month. http://www.bankinfosecurity.com/articles.php?art_id=1200&opg=1
9 February 2009 - Phishers Lure Users with Offer of Economic Stimulus Payments
The US Computer Emergency Readiness Team (US-CERT) has warned that phishers are sending email messages that appear to come from the Internal Revenue Service (IRS). The messages tell the recipients that they can receive economic stimulus payments by visiting a certain website or filling out an attached document, both of which ask for personal information.
7 February 2009 - Houston Municipal Court Shutdown Due to Malware Infestation
A malware infection of some computers in the Houston, Texas city network resulted in the shutdown of part of the city's municipal court system late last week. Offices were still open for people to pay parking tickets and other fines, but the court dockets had to be reset. Due to the infection, Houston police temporarily stopped making some minor offense arrests. Officials believe the malware has spread to 475 of the city's more than 16,000 computers, an infection level of about three percent. On Friday afternoon, city officials brought in a cyber security company to help clean the computers. Houston's deputy director of information technology says the primary malware suspect in the case is Conficker, also known as Downadup. As of Monday morning, the courts were still closed. http://www.chron.com/disp/story.mpl/front/6250411.html
6 February 2009 - Kaiser Permanente Personnel Data Found in Suspect's Home
Kaiser Permanente employees in Northern California have been notified that a recently arrested criminal suspect was found to be in possession of their personal data. A computer file containing the data was discovered in the home of Mia Garza, who is not a Kaiser employee. Approximately 29,500 people are believed to be affected by the breach. The data are from the employees' personnel files and do not include medical records. Kaiser has initiated an internal investigation to determine the source of the breach. A Kaiser human resources executive says that "only a handful of employees have reported identity theft." Garza faces half a dozen felony charges, including receiving stolen property, identity theft and forgery.
2 February 2009 - Former Microsoft Employee Says Suit Filed Against Him is Retaliatory
A former Microsoft employee being sued by the company says that the lawsuit is retaliation for a patent infringement lawsuit he brought against Microsoft. Microsoft's suit alleges that Miki Mullor took a job at the company to gather information that would help his lawsuit. When Mullor applied for the position at Microsoft, he said that his company, Ancora, was no longer in business even though it still was and he was its CEO. Mullor allegedly downloaded documents that were not related to his job, but were related to the content of his patent infringement case against the software giant. Mullor filed his suit in June 2008 against Dell, Toshiba and Hewlett-Packard, because their products use the technology the ownership of which is in dispute; Microsoft became a party to the case at a later date. Mullor was fired from Microsoft in September 2008.
30 January 2009 - DoJ Employee Security Test Fools Thrift Investment Board
The Justice Department tested its employees' susceptibility to phishing attacks with an email that appeared to come from the Thrift Savings Plan, but neglected to inform the Federal Retirement Thrift Investment Board. The phony phishing message told recipients that they could recoup losses if the value of their Thrift Savings Plan has fallen more than 30 percent. They were given a January 31 deadline to provide personal information to participate in the non-existent program. The TSP board learned of the test on January 28, nearly two weeks after the message was sent out; by that time, it had already put anti-fraud efforts into place.
26 January 2009 - Former Web Host Employee Sentenced for Unauthorized Access and Damage
Former Hostgator.com employee Cliff L. Wade has been sentenced to eight months in prison for accessing the web hosting company's systems without authorization and deliberately causing problems in its customer support network. The intrusion occurred after Wade moved to another state and took a job with a different web hosting company. Wade was also sentenced to three years of supervised release following completion of his prison term, and has been ordered to pay a US $100 special assessment.
26 January 2009 - Thrift Shop MP3 Player Contains US Military Data
An MP3 player purchased at an Oklahoma thrift store was found to contain US Army files. The man who bought the device, who is from New Zealand, paid NZ $18 (US $9.50) for it. When he connected it to his computer, he found it contained 60 files that include names and personal information of US soldiers, information about equipment at various bases and a mission briefing. The files contain a warning that the release of the information they hold is prohibited by federal law. In November, the US Department of Defense banned the use of portable data storage devices.
26 January 2009 - Former Employee Admits Deleting Information From Government Computer System
Anthony McIntosh has admitted he caused AU $1 million (US $661,360) worth of damage by breaking in to the Northern Territory Government computer systems and deleting information. McIntosh had worked as a contractor on the government systems before leaving his position last April under less than ideal circumstances. Last May, McIntosh admits, he broke into several government computer systems and deleted profiles of more than 10,000 public servants. McIntosh accessed the system with a former colleague's password.
22 January 2009 - Pirated Copies of iWork 09 Contain Trojan
Illegal copies of Apple's iWork 09 have been appearing on filesharing websites. The pirated software is believed to contain a Trojan horse program known as iServices.A. The Trojan has root access to infected computers. Once in place, it connects to a remote server and downloads additional software that makes the infected computer part of a botnet.
The Trojan has already been inadvertently downloaded by an estimated 20,000 users.
21 January 2009 - Millions Infected by Sophisticated Worm Conficker
The Conficker worm, also known as Downadup, is still troubling computer systems around the globe. The malware crashed the computer system at New Zealand's Ministry of Health; the computers are running again, but staff members are not permitted to access the Internet. IT staff at five hospitals in Sheffield, UK are still in the process of cleaning the worm from more than 800 of the hospitals' 7,000 PCs, three weeks after they became infected. The Sheffield hospital computers became infected after managers turned off Windows update late last year.
20 January 2009 - NZ Telecoms Want More Time to Develop Piracy Plan with Film/Music Companies
New Zealand telecommunications companies want to extend the February 28 deadline set for a law that would require them to take action against customers who are suspected of copyright violations. The Telecommunications Carriers Forum says the deadline does not allow enough time to work out a plan with film and music companies. Among the problems is the requirement that ISPs terminate Internet accounts of customers who are allegedly downloading content in violation of copyright law; ISPs could face legal action from their customers as a result.
18 January 2009 - Downadup Infection Count Up to 9 Million
The cyber virus that has been spreading quickly on Windows machines has now infected nearly 9 million PCs worldwide, according to one company's estimate. The virus appears to be spreading scareware, malware that pops up phony alerts about infections on machines in an attempt to get users to purchase phony security software.
The malware, which is known as Downadup, Conficker and Kido, exploits a vulnerability that Microsoft addressed with an out-of-cycle patch in October. The malware has been added to the most recent version of Microsoft's Malicious Software Removal Tool, which was released on January 13. The malware can also spread through network shares.
16 January 2009 - Store Owner Draws 33-Month Sentence for Card Skimming
A Redmond, Washington tobacco store owner has been sentenced to nearly three years in prison for skimming payment card information. Hrant "Mike" Aslanyan admitted that he used a card skimmer in his shop to steal information from more than 300 customers. He then used the stolen information to make fraudulent transactions totaling approximately US $300,000. Aslanyan received a 33-month prison sentence to be followed by five years of supervised release. He was also ordered to pay more than US $214,000 in restitution.
15 January 2009 - Man Indicted for Selling Pirated Software
An Arizona man has been indicted for selling phony software in online auctions. Kurt Kunselman faces charges of wire fraud, criminal copyright infringement and destruction of records with intent to obstruct a federal investigation. Kunselman allegedly offered for sale on eBay illegal copies of software, the copyrights of which are owned by an Oregon company. He is scheduled to appear before a US Magistrate next week.
15 January 2009 - Former Help Desk Employee Admits Cyber Sabotage
A man who used to work at the help desk at Eden Prairie, Minnesota-based Wand Corp. has admitted he placed malware on his former employer's computer system. David Ernest Everett Jr. put the malicious programs on the system after losing his job in March 2008. Wand Corp. provides IT systems and point-of-sale systems for fast food restaurants. The attack caused problems on 25 servers at a variety of locations; cleaning up the mess cost approximately US $49,000. Everett faces up to 10 years in prison when he is sentenced.
14 January 2009 - NY Police Sergeant Admits Accessing FBI Database Without Authorization
A New York City police sergeant is facing a year in prison and a fine of at least US $100,000 for illegally obtaining information from the FBI's National Crime Information Center (NCIC) database and giving it to an acquaintance for use in a custody battle. Haytham Khalil pleaded guilty to one misdemeanor charge. He does not have authorization to access the NCIC database, but a colleague who does have authorization left his login credentials available so co-workers could access the information while he was not there. The incident occurred in December
14 January 2009 - Angie's List Files Lawsuit Alleging Industrial Espionage
Angie's List, the Indianapolis-based consumer rating website, has filed a lawsuit in Indiana state court accusing Christopher "Kit" Cody of industrial espionage. The suit alleges that while he was a paying member of the site, Cody used a bot to scrape 9,278 service provider files from the Angie's List site and used the information to start a competing site. Cody's attorney disputes the allegations. Angie's List members share information about various services.
8 January 2009 - Attackers Use Cloak of Breaking News Stories to Spread Trojan
Attackers have been sending messages that purport to be CNN news updates about the situation in Gaza, but that could lead to recipients' computers becoming infected with malware. The messages direct recipients to what appears to be a CNN website where they are told they need to update to Adobe Acrobat 10. What actually gets downloaded is an "SSL stealer" Trojan horse program that listens for traffic to and from financial services' systems.
7 January 2009 - Senator Feinstein Introduces Consumer Data Protection Legislation
Senator Dianne Feinstein (D-Calif.) has introduced two pieces of legislation aimed at protecting consumer data. The first bill would require companies to notify consumers promptly of breaches involving their personal data. The companies would also be required to report breaches to the US Secret Service in certain instances, including breaches of databases that belong to the federal government or that involve national security or law enforcement. The second bill would make it illegal for organizations to sell, or display in public, individuals' Social Security numbers (SSNs) or to print them on government checks without their consent. Organizations would also face restrictions on when they can ask for customers' SSNs.
7 January 2009 - Database Admin Sentenced for Breaking into Former Employer's System
A man who worked as a database administrator for an unnamed British company has been sentenced to three months in jail, suspended for two years, and fined GBP 3,200 (US $4,858) for breaking into his former employer's computer system to install spyware and delete messages.
Julius Oladiran worked for the company for just three weeks before being asked to leave after it became apparent to management that his resume contained false information. Oladiran admitted he made a false statement and gained unauthorized access to computer information.
6 January 2009 - UK HMRC Warns of Phishing Scheme
UK's HM Revenue & Customs (HMRC) is warning UK taxpayers of a phishing scheme targeting people who are scrambling to meet an end-of-the-month tax deadline. The fraudulent messages, which are spoofed so they appear to come from HMRC, tell recipients that they are due a tax refund and request bank or credit card account information so the refund can be paid. Several sites associated with the scheme have already been taken down. Some scammers are phoning taxpayers with similar claims. HMRC will contact taxpayers by letter only.
6 January 2009 - CheckFree to Notify 6 Million Potentially Affected by DNS Attack
CheckFree has begun notifying more than 5 million people that they may have been redirected to a site hosting malware if they used CheckFree's services between 12:35 am and 10:10 am on December 2, 2008. CheckFree is an electronic bill paying service that is used by some banks. In some cases, people would not know they were using CheckFree; it would seem to them as though they were using a service provided by their own banks. People who used the service during that period were redirected to a server in the Ukraine that attempted to install password-stealing malware on their computers. The attackers managed to log into Network Solutions, CheckFree's Internet domain registrar, and change the DNS settings to conduct the redirect attack.
6 January 2009 - Reported Breaches Up Nearly 50 Percent
According to statistics gathered by the Identity Theft Resource Center, there were 656 data breaches reported by businesses, schools and governments in 2008, up from 446 in 2007, an increase of nearly 50 percent. Breaches at businesses accounted for 37 percent of the total, while breaches at schools accounted for 20 percent. The percentage of breaches involving current and former employees more than doubled to 16 percent in 2008. The top cause of breaches was human error, which includes lost or stolen laptops and data storage devices, and inadvertent exposure of data.