Week of April 7, 2017


Week of April 7, 2017

Thousands of Taxpayers Affected by Financial Aid Breach*:

  • Tax day is rapidly approaching in the US, but there could be additional headaches for up to 100,000 people this year.
  • Hackers posing as students applying for financial aid possibly swiped taxpayer details through the Free Application for Federal Student Aid (FAFSA) online tool.
  • Tax-related data breaches are becoming an annual occurrence in the United States.
  • The Department of Education and the IRS shutdown the Data Retrieval Tool for the FAFSA in early March when the two learned the system was compromised.
  • IRS became aware of a possible security flaw that would allow attackers to use the FAFSA tool to swipe tax info last fall.
  • The agency has already contacted 35,000 taxpayers and was planning to send notice to 100,000 total to warn them of a potential issue.
  • The IRS believes fewer than 8,000 fake returns were filed and processed, but the full scope of the breach has yet to be determined.

*Source: Engadget, April 07, 2017


Scottrade Bank Data Breach Exposes 20,000 Customer Records*:

  • Scottrade Bank, a subsidiary of Scottrade Financial Services, Inc., recently secured a MSSQL database containing sensitive information on at least 20,000 customers that was inadvertently left exposed to the public.
  • A security researcher discovered the database and contacted the company; he was eventually connected to a staffer on the Scottrade Bank security team who helped secure the data.
  • The exposed database had no encryption and included 48,000 lessee credit profile rows and 11,000 guarantor rows.
  • Each row contained information such as Social Security Numbers, names, addresses, phone numbers, and other information that one would expect a bank to possess.
  • A Scottrade spokesperson said the database was secured in six hours, and an investigation into the incident is ongoing.
  • The company stressed this was a case of human error and that Scottrade Bank's own systems remain secure and were not involved.

*Source: CSO online, April 05, 2017


Cybercriminals Seized Control of Brazilian Bank for 5 Hours*:

  • Cybercriminals for five hours one day last fall took over the online operations of a major bank and intercepted all of its online banking, mobile, point-of-sale, ATM, and investment transactions in an intricate attack.
  • The attackers compromised 36 of the bank's domains, including its internal email and FTP servers, and captured electronic transactions during a five hour period in October 2016.
  • Researchers estimate that hundreds of thousands or possibly millions of the bank’s customers worldwide may have been victimized during the hijack window.
  • The malware harvested login credentials, email contact lists, and email and FTP credentials, and disabled anti-malware software on the victim's machine to avoid detection.
  • The attackers compromised the bank’s Domain Name Service (DNS) provider and gained administrative control of the bank’s DNS account.
  • The bank, which has $25 billion in assets, 5 million customers worldwide, and 500 branches in Brazil, Argentina, the US, and the Cayman Islands, was locked out of its own network and systems during the attack.
  • The bank didn't deploy the two-factor authentication option offered by their DNS provider, which left the financial institution vulnerable to an authentication type attack.
  • The attackers also dropped on banking customer machines malware that targets a specific list of other banks in Brazil, the UK, Japan, Portugal, Italy, China, Argentina, the Cayman Islands, and the US, apparently in hopes of nabbing their accounts there as well.
  • The bank ultimately regained control of its DNS infrastructure, but the victim machines could remain infected with the malware.

*Source: Dark Reading, April 04, 2017


Foreign Hackers Arrested in Dubai after White House Staff*:

  • Dubai police arrested foreign hackers in 2015 who targeted five senior Obama White House officials in a blackmail email scam and plan to turn them over to U.S. authorities after they complete their prison sentences.
  • According to the Dubai police’s cybercrime division, an “African gang” broke into the emails of the five senior officials and “got highly confidential information.”
  • The hackers then demanded money from their targets in threatening emails.
  • Investigators tracked down the gang "in two hours" to an apartment in the emirate of Ajman and arrested three suspects with the help of local authorities.
  • Those arrested are between 24 and 26 years old and had a list of "5 million bank accounts," as well as hacking software and millions of dollars in assets.
  • None of the reports identified the White House officials targeted in the Obama administration.

*Source: AP News Archive, April 03, 2017


Hong Kong Loses 3.7 Million Voter Registration Records*:

  • Hong Kong's electoral office has apologized after two laptops were stolen, containing voter registration records along with the names of members of its Election Committee.
  • One laptop held voter registration data including ID card numbers, physical addresses and mobile phone numbers; the other contained the names of the 1,194 members of the Election Committee, although those are already public.
  • The laptops were stored in a locked room at the AsiaWorld Expo, a large conference facility.
  • The data was stored in accordance with the "relevant security requirements," including multiple layers of encryption.
  • The Registration and Electoral Office (REO) did not say how many voters might be affected, but Hong Kong reportedly has 3.7 million registered voters.
  • Hong Kong's Privacy Commissioner for Personal Data has launched an investigation.
  • The laptops were part of a backup system for the election.
  • Hong Kong led the pack early in Asia in adopting data privacy regulations; however enforcement lagged behind until a direct marketing scandal in 2010.

*Source: Data Breach Today, March 29, 2017


Get in Touch With Us!

Are you interested in receiving more information about our products? Do you have questions about sensitive data security? Would you like a demo? Complete the details below and one of our specialists will get in touch with you.

We love to help our customers solve their data security problems. Please tell us about what you are trying to accomplish, details about your environment, and any other information that will help us understand your needs better.

scroll top