Tag Archives: investigation

[ISN] Credit Card Breach at Mandarin Oriental

http://krebsonsecurity.com/2015/03/credit-card-breach-at-mandarian-oriental/ By Brian Krebs Krebs on Security March 4, 2015 In response to questions from KrebsOnSecurity, upscale hotel chain Mandarin Oriental Hotel Group today confirmed that its hotels have been affected by a credit card breach. Reached for comment about reports from financial industry sources about a pattern of fraudulent charges on customer cards that had all recently been used at Mandarin hotels, the company confirmed it is investigating a breach. “We can confirm that Mandarin Oriental has been alerted to a potential credit card breach and is currently conducting a thorough investigation to identify and resolve the issue,” the company said in an emailed statement. “Unfortunately incidents of this nature are increasingly becoming an industry-wide concern. The Group takes the protection of customer information very seriously and is coordinating with credit card agencies and the necessary forensic specialists to ensure our guests are protected.” Mandarin isn’t saying yet how many of the company’s two-dozen or so locations worldwide may be impacted, but banking industry sources say the breach almost certainly impacted most if not all Mandarin hotels in the United States, including locations in Boston, Florida, Las Vegas, Miami, New York, and Washington, D.C. Sources also say the compromise likely dates back to just before Christmas 2014. […]





[ISN] Waukegan man accused of hacking to sound bomb alarm at Gurnee Mills

http://www.chicagotribune.com/suburbs/lake-county-news-sun/crime/ct-lns-hacking-bomb-charge-st-0226-20150225-story.html By Jim Newton News-Sun February 25, 2015 A 25-year-old Waukegan man faces felony charges for allegedly hacking into a radio system at Gurnee Mills mall to sound a false bomb alarm, according to the Lake County State’s Attorney’s Office. Raymond J. Kelly, who was charged Monday with communicating a false bomb alarm, is accused of orchestrating the hacking from his Waukegan home Jan. 29, said Cynthia Vargas, the state’s attorney’s communications manager. The Class 3 felony is punishable by up to five years in prison upon conviction. Kelly also was charged with two counts of tampering with a secure communication, fire or life system, a Class 4 felony that can carry a potential sentence of one to three years, according to authorities. He was being held in Lake County Jail Wednesday afternoon in lieu of $25,000 bail with a hearing scheduled for Thursday. Kelly was arrested by Gurnee police, who had tracked signals from his house to the mall, Vargas said. A subsequent search of his house turned up various portable radios, antennas and a laptop computer that are now part of the investigation, Vargas said. […]



[ISN] Three Months Later, State Department Hasn’t Rooted Out Hackers

http://www.wsj.com/articles/three-months-later-state-department-hasnt-rooted-out-hackers-1424391453 By DANNY YADRON The Wall Street Journal Feb. 19, 2015 Three months after the State Department confirmed hackers breached its unclassified email system, the government still hasn’t been able to evict them from the department’s network, according to three people familiar with the investigation. Government officials, assisted by outside contractors and the National Security Agency, have repeatedly scanned the network and taken some systems offline. But investigators still see signs of the hackers on State Department computers, the people familiar with the matter said. Each time investigators find a hacker tool and block it, these people said, the intruders tweak it slightly to attempt to sneak past defenses. It isn’t clear how much data the hackers have taken, the people said. They reaffirmed what the State Department said in November: that the hackers appear to have access only to unclassified email. Still, unclassified material can contain sensitive intelligence. The episode illustrates the two-way nature of high-technology sleuthing. For all of the U.S. government’s prowess at getting into people’s computers through the NSA and the military’s Cyber Command, the government faces challenges keeping hackers out of its own networks. The discrepancy points to a commonly cited problem with defending computers: Playing offense almost is always easier than playing defense. […]



[ISN] Data Breach at Health Insurer Anthem Could Impact Millions

http://krebsonsecurity.com/2015/02/data-breach-at-health-insurer-anthem-could-impact-millions/ By Brian Krebs Krebs on Security Feb 4, 2015 Anthem Inc., the nation’s second largest health insurer, disclosed Wednesday that hackers had broken into its servers and stolen Social Security numbers and other personal data from all of its business lines. Given the company’s size, this breach could end up impacting tens of millions of Americans. Anthem didn’t specify how many consumer records may have been breached, but it did say all of the company’s business units are affected. The figures from Anthem’s Web site offer a glimpse at just how big this breach could be: “With nearly 69 million people served by its affiliated companies including more than 37 million enrolled in its family of health plans, Anthem is one of the nation’s leading health benefits companies.” The company said it is conducting an extensive IT forensic investigation to determine what members are impacted. “We are working around the clock to determine how many people have been impacted and will notify all Anthem members who are impacted through a written communication,” Anthem said in a question and answer page released about the breach. […]



[ISN] Dating site Topface pays hacker who stole 20 million credentials

http://www.techworld.com/news/security/dating-site-topface-pays-hacker-who-stole-20-million-credentials-3596333/ By John E Dunn Techworld.com Jan 30, 2015 The ‘Mastermind’ hacker who stole 20 million user credentials from Russian dating website Topface has got an extraordinary response from his victim – an undisclosed payment for “finding” the vulnerability that led to the calamitous breach. It’s an extraordinary turn of events that would be unthinkable in almost any other country but the site justified its decision with the argument that recovering the data would end the matter once and for all. Recall that the hacker in question had tried to sell the stolen data on a crime forum which is where the breach was first noticed by a third party, US security outfit Easy Solutions. Without that discovery the data would probably have been sold on without the site realising that a breach had happened in the first place. “He [Mastermind] has confirmed the findings of our investigation and has made an agreement with Topface for no further distribution of acquired email addresses database,” the firm said in a statement. […]



[ISN] EHR audit catches snooping employee

http://www.healthcareitnews.com/news/ehr-audit-catches-snooping-employee By Erin McCann Managing Editor Healthcare IT News January 26, 2015 Electronic health records not only enable faster access to real-time patient data; they also make it a heck of a lot easier to catch snooping employees who inappropriately view patients’ confidential information, as one California hospital has observed this past week. Officials at the 785-bed California Pacific Medical Center in San Francisco – part of Sutter Health system – notified a total of 844 patients Jan. 23 after discovering a pharmacist employee had been inappropriately snooping on patients’ medical data for an entire year. The incident was discovered after the hospital conducted an EHR audit back in October 2014, when it was first discovered only 14 individuals had had their PHI compromised. Following an “expanded investigation,” hospital officials discovered the HIPAA breach was significantly larger than they had originally found, with 844 additional patients being identified as having their information inappropriately accessed. The staff member, whose employment has since been terminated, snooped on patient records from October 2013 to October 2014, including patient demographics, clinical diagnoses, prescription data and clinical notes. […]



[ISN] Oracle to fix 167 vulnerabilities, including a backdoor-like flaw in its E-Business Suite

http://www.computerworld.com/article/2872694/oracle-to-fix-167-vulnerabilities-including-a-backdoor-like-flaw-in-its-e-business-suite.html By Lucian Constantin IDG News Service Jan 20, 2015 Oracle’s monster batch of security updates expected Tuesday will include a fix for a serious misconfiguration issue in its E-Business Suite product that can give hackers access to databases full of sensitive business records. Renowned database security expert David Litchfield discovered the issue last year on a client’s system and at first he thought it was a backdoor left behind by an attacker. “On investigation, it turns out the ‘backdoor’ is part of a seeded installation!” he said Monday on Twitter. “I was flabbergasted. Still am.” In a pre-announcement about its quarterly Critical Patch Update expected today, Oracle said that 10 vulnerabilities will be fixed in E-Business Suite, six of which can be exploited remotely without authentication. […]



[ISN] US, UK Establish a Joint Hacker A-Team To Conduct Cyber War Games

http://www.defenseone.com/technology/2015/01/us-uk-establish-joint-hacker-team-conduct-cyber-war-games/103170/ By Patrick Tucker Defense One January 16, 2015 The White House on Friday unveiled a series of steps to increase co-operation between the United States and the United Kingdom in combating cyber threats. Those steps include better threat information sharing and the creation of a new joint cyber task force. The U.S. and U.K. already collaborate with one another and with many other countries on cyber defense issues through the Computer Emergency Readiness Team program. Today, President Barack Obama and British Prime Minister David Cameron announced the formation of a “joint cell,” that will have a physical presence in both countries and will bring together Internet security experts from the United Kingdom’s Government Communications Headquarters, GCHQ, Security Service, MI5, the National Security Agency, NSA, and the Federal Bureau of Investigation. “The cell, which will allow staff from each agency to be co-located, will focus on specific cyber defense topics and enable cyber threat information and data to be shared at pace and at greater scale,” according to a White House statement. The cell will conduct cyber war games in the spring, simulating attacks on the financial sector. […]

