ISR News: Bad Economy Spurs Cyber-Scams
Excerpts From Gannett’s Byron Acohido and Jon Swartz
The boom in cyberthreats that occurred during the last three months of 2008 could accelerate, especially if the economy continues to falter, security specialists say. Organized cybercrime groups have become increasingly efficient at assembling massive networks of infected computers, called botnets, and deploying them to amass large caches of stolen data, according to several surveys and dozens of interviews with security and privacy analysts. Meanwhile, scammers have honed the trickery used to turn stolen data into cash.
ISR News: BofA Pays on CW Breach
Excerpts From Courant.com
Nearly 30,000 state residents were affected by the nationwide breach, which came to light last August after the FBI arrested a former Countrywide employee on charges of selling personal information, including Social Security numbers, for as many as 2 million loan applicants.
ISR News: Fannie Mae Logic Bomb Threat
Excerpts From Wired.com’s Kevin Poulsen
A logic bomb allegedly planted by a former engineer at mortgage finance company Fannie Mae last fall would have decimated all 4,000 servers at the company, causing millions of dollars in damage and shutting down Fannie Mae for a least a week, prosecutors say.
ISR News: Heartland Breach Updates
Excerpts From 2008Breach.com
Carr stated, “PCI is a good and effective standard, but the bad guys have become more sophisticated to the point where encryption of data in motion appears to be one of the next required steps. There is no single silver bullet that will secure payment systems, and constant vigilance and monitoring of the infrastructure will always be required.
ISR News: Cyber-Crime Costs $1 Trillion
Excerpts From CNET.com’s Elinor Mills
Data theft and breaches from cyber-crime may have cost businesses as much as $1 trillion globally in lost intellectual property and expenditures for repairing the damage last year, according to a new study from McAfee. The respondents estimated that they lost data worth a total of $4.6 billion and spent about $600 million cleaning up after breaches, McAfee said.
Did Heartland CEO Make Insider Trades?
By Anthony M. Freed, Information-Security-Resources.com Financial Editor
Heartland Payment Systems (HPY) and Federal investigators have released more details about the technical nature of the massive financial data breach made public last week, but have refused to pinpoint the exact date that Heartland first became aware there may have been a problem with their network security.
That date they settle on may well be the difference between market serendipity and an SEC investigation for insider trading, as an examination of stock sales made by Heartland CEO Robert O. Carr in the second half of 2008 raises some serious questions about just who knew what and when in the latest version of the worst-ever information security breach.
Class Action Filed for Heartland Data Breach
IN THE UNITED STATES DISTRICT COURT
This is a class action lawsuit brought on behalf of Plaintiff, individually, and on behalf of similarly situated consumers or entities whose credit and/or debit card number(s), expiration date(s), internal bank codes, personal identifying information and/or other confidential financial information (the “Sensitive Financial Information”) was stolen, accessed and/or compromised by third parties while entrusted to Defendant Heartland Payment Systems, Inc. (”Heartland” or “Defendant”).
Top 10 Confidential Data Breaches of 2008
Source: Privacy Rights Clearinghouse
UPDATE: The estimated number of people affected by a data breach at Bank of New York Mellon Corp has been raised from 4.5 million to 12.5 million. As many as 4.5 million customer records are thought to be compromised. Raised from 4.5 million to 12.5 million.
ISR News: 4.5M Brits Exposed By Monster
Excerpts from DailiMail.co.uk
‘It’s a horrendous breach,’ said Graham Cluley of computer security firm Sophos. It is the third time in two years that security at the world’s largest recruitment site has been breached. In August 2007 Monster.com’s database was infected by a virus called infostealer. monstres, which siphoned off more than 1.6 million records, mostly of customers based in the US. A Russian gang was said to be responsible. It was found to be selling ‘identity harvesting services’ to fraudsters.
ISR News: Social Networks Under Attack
Excerpts from CIO.com’s Melissa Chua
According to a report from MessageLabs Intelligence, which specialises in the analysis of messaging security issues and threats, a popular tactic in 2008 among cyber criminals involved the creation of fictitious accounts on social networking sites. These fake accounts were then used to post malicious links, which usually led to a phishing site, to legitimate users.
