Monday, November 19, 2007
Behind the Alicia Keys MySpace Scam
Tuesday, Nov. 13, 2007
Behind the Alicia Keys MySpace Scam
By Anita Hamilton
It's easy to see how visitors to Alicia Keys' MySpace page could have accidentally clicked on the wrong spot last week and gotten whisked off to a Chinese website that tried to install malicious code onto their computers. The buttons to play Keys' songs were clearly marked — and clean — but almost every other image on the site, including the full-sized background photo of the diva herself, had been hacked in such a way that merely clicking on it could infect visitors' computers with malware. So if you happened to click on Keys' bare midriff on Nov. 8, you would have been siphoned to a murky corner of cyberspace: a site that attempted to install a program that could trick you into buying fake anti-virus software, record the credit card information you used to buy it, and secretly log every other user name and password you typed into your computer as well.
MySpace identified the problem last Thursday and within 24 hours had scrubbed Keys' page of all bogus links, according to MySpace's chief security officer, Hemanshu Nigam. "Her profile was phished," says Nigam, "which means that whoever is managing her site probably input their user name and password where they shouldn't have," possibly by responding to a scam e-mail, which would have enabled the hackers to install false links on the diva's page. The clean-up happened just in time for the Nov. 13 release of her new album, As I Am, but Keys' wasn't the only MySpace page that got hacked: Some two dozen other bands appear to have suffered the same security breach, including the indie groups Jet King, Wee Red Bar and Seagull Strange in the United Kingdom, according to the blog VitalSecurity.org. "We've been covering these band hacks since October 31," says VitalSecurity blogger and Internet security expert Christopher Boyd. MySpace says it has discovered and removed links to the same Chinese site embedded on up to 50 other pages, but declined to identify which pages had been infected.
The recent spate of attacks is just a piece of a larger problem. Scams and security breaches have been plaguing MySpace for at least two years, and Internet sleuths say social-networking sites have become the destination of choice for online swindlers. "The bad guys really are focusing on these social sites because of the trust people put in their friends' list," says Internet analyst John Pescatore of Gartner. "They don't leap up and sell you penis enlargement or lottery tickets. They capture passwords." New generation viruses are indeed much more treacherous than in the past; rather than merely hobbling your computer, so-called Trojans are designed to access financial information via passwords you store online or by getting you to buy bogus security products.
Though MySpace chalks up the Keys incident to a straightforward case of phishing, some independent security experts say that may not be the case. "It seems too strange to think that all these bands have suddenly fallen prey to a phishing attack," says Boyd. "Someone may have worked out a genuine hack." If so, that means that the security breach lies within MySpace itself, and isn't a simple case of a user accidentally typing a password on a bogus site. "Either MySpace was hacked or certain accounts on MySpace were phished," says Roger Thompson, a security expert at Exploit Prevention Labs, who has posted a video of the Alicia Keys hack online.
The best way to remove any malicious code that may have been installed on your computer — and more importantly, to prevent future assaults — is to use free anti-virus software like Windows Defender or AVG, or to pay for a more full-featured product like Norton Internet Security 2008. While you're at it, check your online financial accounts to make sure there has been no unusual activity, and go ahead and change all your passwords too. Bottom line: just use common sense.
Behind the Alicia Keys MySpace Scam
By Anita Hamilton
It's easy to see how visitors to Alicia Keys' MySpace page could have accidentally clicked on the wrong spot last week and gotten whisked off to a Chinese website that tried to install malicious code onto their computers. The buttons to play Keys' songs were clearly marked — and clean — but almost every other image on the site, including the full-sized background photo of the diva herself, had been hacked in such a way that merely clicking on it could infect visitors' computers with malware. So if you happened to click on Keys' bare midriff on Nov. 8, you would have been siphoned to a murky corner of cyberspace: a site that attempted to install a program that could trick you into buying fake anti-virus software, record the credit card information you used to buy it, and secretly log every other user name and password you typed into your computer as well.
MySpace identified the problem last Thursday and within 24 hours had scrubbed Keys' page of all bogus links, according to MySpace's chief security officer, Hemanshu Nigam. "Her profile was phished," says Nigam, "which means that whoever is managing her site probably input their user name and password where they shouldn't have," possibly by responding to a scam e-mail, which would have enabled the hackers to install false links on the diva's page. The clean-up happened just in time for the Nov. 13 release of her new album, As I Am, but Keys' wasn't the only MySpace page that got hacked: Some two dozen other bands appear to have suffered the same security breach, including the indie groups Jet King, Wee Red Bar and Seagull Strange in the United Kingdom, according to the blog VitalSecurity.org. "We've been covering these band hacks since October 31," says VitalSecurity blogger and Internet security expert Christopher Boyd. MySpace says it has discovered and removed links to the same Chinese site embedded on up to 50 other pages, but declined to identify which pages had been infected.
The recent spate of attacks is just a piece of a larger problem. Scams and security breaches have been plaguing MySpace for at least two years, and Internet sleuths say social-networking sites have become the destination of choice for online swindlers. "The bad guys really are focusing on these social sites because of the trust people put in their friends' list," says Internet analyst John Pescatore of Gartner. "They don't leap up and sell you penis enlargement or lottery tickets. They capture passwords." New generation viruses are indeed much more treacherous than in the past; rather than merely hobbling your computer, so-called Trojans are designed to access financial information via passwords you store online or by getting you to buy bogus security products.
Though MySpace chalks up the Keys incident to a straightforward case of phishing, some independent security experts say that may not be the case. "It seems too strange to think that all these bands have suddenly fallen prey to a phishing attack," says Boyd. "Someone may have worked out a genuine hack." If so, that means that the security breach lies within MySpace itself, and isn't a simple case of a user accidentally typing a password on a bogus site. "Either MySpace was hacked or certain accounts on MySpace were phished," says Roger Thompson, a security expert at Exploit Prevention Labs, who has posted a video of the Alicia Keys hack online.
The best way to remove any malicious code that may have been installed on your computer — and more importantly, to prevent future assaults — is to use free anti-virus software like Windows Defender or AVG, or to pay for a more full-featured product like Norton Internet Security 2008. While you're at it, check your online financial accounts to make sure there has been no unusual activity, and go ahead and change all your passwords too. Bottom line: just use common sense.
Seventeen Indicted For Cybercrime And ID Theft In New York
Seventeen Indicted For Cybercrime And ID Theft In New York
The defendants are charged with participating in a multinational, Internet-based criminal enterprise that trafficked in stolen credit card data and personal information.
By Thomas Claburn, InformationWeek
Nov. 9, 2007
URL: http://www.informationweek.com/story/showArticle.jhtml?articleID=202804370
Seventeen people and one corporation have been charged with trafficking in stolen credit cards, cybercrime, and identity theft, Manhattan District Attorney Robert M. Morgenthau said.
Three of the defendants -- Vadim Vassilenko, Yelena Barysheva, and John Washington -- were arraigned the day of the announcement. Six of them -- Tetyana Goloborodko, Douglas Latta, Angela Perez, Kostas Kapsis, Lyndon Roach, and Keith Cummings -- were arraigned previously. Two of them -- Eduard Kholstinin and Oleksiy Yarne -- are in custody in other states on unrelated charges. And six others are still being sought by authorities.
Western Express International, formerly headquartered in Manhattan, also was indicted. Vadim Vassilenko and Yelena Barysheva served as corporate officers for the company.
Wednesday's indictment arises from an earlier investigation and indictment of Western Express in February 2006. Vadim Vassilenko and Yelena Barysheva pleaded guilty to charges in that case and both are serving sentences in state prison.
The 173-count indictment is the culmination of a two-year joint investigation conducted by the Manhattan District Attorney's Identity Theft Unit and the United States Secret Service. It charges the defendants with participating in a multinational, Internet-based criminal enterprise -- known to authorities as the "Western Express Cybercrime Group" -- that trafficked in stolen credit card data and personal information.
"The defendants created and participated in a computerized marketplace for the global trafficking of stolen credit card numbers and other stolen personal identifying information," the Manhattan district attorney's office said in a statement Wednesday. "That marketplace enabled the defendants to conduct anonymous transactions, via the Internet and by other means, using sophisticated payment schemes. The payment schemes were intended to ensure that the participants in the transactions would be impossible to identify, and that the proceeds of their criminal activity could not be traced."
The Manhattan district attorney's office alleges that the Western Express committed more than $4 million worth of credit card fraud, and trafficked in more than 95,000 stolen credit card numbers. The company may be responsible for additional fraud which has yet to be identified.
Over the course of four years, $35 million flowed through various bank accounts set up by Western Express, some of which can be attributed to an illegal check cashing business, Morgenthau's office claims. The criminal enterprise allegedly made extensive use of digital currencies e-gold and WebMoney for money laundering and to conceal the movement of funds.
The defendants are charged with enterprise corruption, a class B felony that is punishable by up to 25 years in prison. Additional charges include grand larceny, money laundering, criminal possession of stolen property, falsifying business records, criminal possession of a forged instrument, scheme to defraud, and conspiracy to commit the crimes of grand larceny and criminal possession of stolen property.
The defendants are charged with participating in a multinational, Internet-based criminal enterprise that trafficked in stolen credit card data and personal information.
By Thomas Claburn, InformationWeek
Nov. 9, 2007
URL: http://www.informationweek.com/story/showArticle.jhtml?articleID=202804370
Seventeen people and one corporation have been charged with trafficking in stolen credit cards, cybercrime, and identity theft, Manhattan District Attorney Robert M. Morgenthau said.
Three of the defendants -- Vadim Vassilenko, Yelena Barysheva, and John Washington -- were arraigned the day of the announcement. Six of them -- Tetyana Goloborodko, Douglas Latta, Angela Perez, Kostas Kapsis, Lyndon Roach, and Keith Cummings -- were arraigned previously. Two of them -- Eduard Kholstinin and Oleksiy Yarne -- are in custody in other states on unrelated charges. And six others are still being sought by authorities.
Western Express International, formerly headquartered in Manhattan, also was indicted. Vadim Vassilenko and Yelena Barysheva served as corporate officers for the company.
Wednesday's indictment arises from an earlier investigation and indictment of Western Express in February 2006. Vadim Vassilenko and Yelena Barysheva pleaded guilty to charges in that case and both are serving sentences in state prison.
The 173-count indictment is the culmination of a two-year joint investigation conducted by the Manhattan District Attorney's Identity Theft Unit and the United States Secret Service. It charges the defendants with participating in a multinational, Internet-based criminal enterprise -- known to authorities as the "Western Express Cybercrime Group" -- that trafficked in stolen credit card data and personal information.
"The defendants created and participated in a computerized marketplace for the global trafficking of stolen credit card numbers and other stolen personal identifying information," the Manhattan district attorney's office said in a statement Wednesday. "That marketplace enabled the defendants to conduct anonymous transactions, via the Internet and by other means, using sophisticated payment schemes. The payment schemes were intended to ensure that the participants in the transactions would be impossible to identify, and that the proceeds of their criminal activity could not be traced."
The Manhattan district attorney's office alleges that the Western Express committed more than $4 million worth of credit card fraud, and trafficked in more than 95,000 stolen credit card numbers. The company may be responsible for additional fraud which has yet to be identified.
Over the course of four years, $35 million flowed through various bank accounts set up by Western Express, some of which can be attributed to an illegal check cashing business, Morgenthau's office claims. The criminal enterprise allegedly made extensive use of digital currencies e-gold and WebMoney for money laundering and to conceal the movement of funds.
The defendants are charged with enterprise corruption, a class B felony that is punishable by up to 25 years in prison. Additional charges include grand larceny, money laundering, criminal possession of stolen property, falsifying business records, criminal possession of a forged instrument, scheme to defraud, and conspiracy to commit the crimes of grand larceny and criminal possession of stolen property.
A Chronology of Data Breaches
http://www.privacyrights.org/ar/ChronDataBreaches.htm#Total
Monday, November 05, 2007
Commerce Bank hacked; says damage limited
Commerce Bank hacked; says damage limited
Jeremy Kirk
October 10, 2007 (IDG News Service) A regional bank in the U.S. said it was able to deflect most of a hacking attempt on its database, but not before some customer information was divulged.
Commerce Bank N.A., which operates banks in five U.S. states, said Tuesday that a hacker gained access to a database with about 3,000 customer records and accessed data belonging to 20 of them. The bank is contacting those who may have been affected.
The hacking was quickly detected and stopped, according to Commerce Bank, which then notified law enforcement.
It wasn't clear how the hacker accessed the bank's database. A common method is by passing malicious data through Web-based forms, known as a SQL (Structure Query Language) injection, which can force the database to reveal other information it holds.
Hackers often look for vulnerabilities in bank and e-commerce Web sites that will allow them to tap into their back-end databases.
Commerce Bank is a subsidiary of Commerce Bancshares Inc., a regional bank holding company.
Jeremy Kirk
October 10, 2007 (IDG News Service) A regional bank in the U.S. said it was able to deflect most of a hacking attempt on its database, but not before some customer information was divulged.
Commerce Bank N.A., which operates banks in five U.S. states, said Tuesday that a hacker gained access to a database with about 3,000 customer records and accessed data belonging to 20 of them. The bank is contacting those who may have been affected.
The hacking was quickly detected and stopped, according to Commerce Bank, which then notified law enforcement.
It wasn't clear how the hacker accessed the bank's database. A common method is by passing malicious data through Web-based forms, known as a SQL (Structure Query Language) injection, which can force the database to reveal other information it holds.
Hackers often look for vulnerabilities in bank and e-commerce Web sites that will allow them to tap into their back-end databases.
Commerce Bank is a subsidiary of Commerce Bancshares Inc., a regional bank holding company.
Medical group manager gets prison for stealing patients' records
Medical group manager gets prison for stealing patients' records
John Cote, Chronicle Staff Writer
Wednesday, October 10, 2007
(10-09) 12:42 PDT SAN JOSE - A former branch manager at the San Jose Medical Group has been sentenced to almost two years in prison for stealing medical records for about 187,000 patients, federal prosecutors said today.
Joseph Nathaniel Harris, 44, pleaded guilty in May to one count of health care-related theft after he stole computer equipment from his former employer, including a DVD that contained patients' names, Social Security numbers, medical diagnoses and other information, the U.S. attorney's office said.
Harris was sentenced Friday in U.S. District Court in San Jose to 21 months in prison and three years of supervised release. Judge Jeremy Fogel also ordered him to pay $145,154 in restitution.
Harris, now an Anaheim resident, was directed to begin his sentence Jan. 4.
Harris worked as the branch manager of the San Jose Medical Group's McKee clinic at 227 Jackson Ave. in August and September 2004, court records said.
During that time, "there were several incidents of reported theft of money and medications," according to an affidavit by FBI Agent Deborah Amrhein. "Because of these suspicions, (CEO Ernie) Wallerstein asked Harris to resign. ... Harris complied."
On March 28, 2005, employees discovered computer equipment was missing from the medical group's administrative office, including a DVD with clinic visit entries and detailed information for 187,000 patients in the South Bay, prosecutors said.
Harris kept the DVD but sold the stolen computer equipment, prosecutors said. FBI agents later found the DVD in Harris' car. He was charged in January 2006 with the theft.
During his employment at the medical group, Harris "bragged to fellow employees of his experience as a Green Beret, in military security and about his side business selling used computers," Amrhein wrote in the affidavit.
After Harris resigned, there were six burglaries at three San Jose Medical Group offices. Amrhein also reported that Harris had been fired from a 2003 job at the Silicon Valley Children's Fund for conducting personal business, including selling computers on Craigslist, on company time.
After he was fired from that job, there was a burglary at the Children's Fund offices and two computers were stolen, according to court documents.
John Cote, Chronicle Staff Writer
Wednesday, October 10, 2007
(10-09) 12:42 PDT SAN JOSE - A former branch manager at the San Jose Medical Group has been sentenced to almost two years in prison for stealing medical records for about 187,000 patients, federal prosecutors said today.
Joseph Nathaniel Harris, 44, pleaded guilty in May to one count of health care-related theft after he stole computer equipment from his former employer, including a DVD that contained patients' names, Social Security numbers, medical diagnoses and other information, the U.S. attorney's office said.
Harris was sentenced Friday in U.S. District Court in San Jose to 21 months in prison and three years of supervised release. Judge Jeremy Fogel also ordered him to pay $145,154 in restitution.
Harris, now an Anaheim resident, was directed to begin his sentence Jan. 4.
Harris worked as the branch manager of the San Jose Medical Group's McKee clinic at 227 Jackson Ave. in August and September 2004, court records said.
During that time, "there were several incidents of reported theft of money and medications," according to an affidavit by FBI Agent Deborah Amrhein. "Because of these suspicions, (CEO Ernie) Wallerstein asked Harris to resign. ... Harris complied."
On March 28, 2005, employees discovered computer equipment was missing from the medical group's administrative office, including a DVD with clinic visit entries and detailed information for 187,000 patients in the South Bay, prosecutors said.
Harris kept the DVD but sold the stolen computer equipment, prosecutors said. FBI agents later found the DVD in Harris' car. He was charged in January 2006 with the theft.
During his employment at the medical group, Harris "bragged to fellow employees of his experience as a Green Beret, in military security and about his side business selling used computers," Amrhein wrote in the affidavit.
After Harris resigned, there were six burglaries at three San Jose Medical Group offices. Amrhein also reported that Harris had been fired from a 2003 job at the Silicon Valley Children's Fund for conducting personal business, including selling computers on Craigslist, on company time.
After he was fired from that job, there was a burglary at the Children's Fund offices and two computers were stolen, according to court documents.
Labels: San Jose Medical Group
Office of financial aid loses back up info
Office of financial aid loses back up info
Iron Mountain Incorporated has notified the Louisiana Office of Student Financial Assistance (LOSFA) that it lost back-up media belonging to LOSFA on September 19, 2007. Iron Mountain Incorporated, a private, international data storage company that the State of Louisiana contracts with to store its data, began efforts to locate the media the same day after discovering the loss. LOSFA immediately reported the incident to appropriate state authorities and has begun its public notifications. To date, the media has not been found, and the investigations by state and local law enforcement are ongoing.
The lost media includes some personal information on individuals participating in, or considered for participation in, programs administered by LOSFA. The data is compressed and requires special software, specific computer equipment and sophisticated computer skills to access it.
"We have no reason to believe that the information has been accessed or that it has been misused in any way," said Melanie Amrhein, Executive Director of the Louisiana Office of Student Financial Assistance. "However, we believe that our clients are entitled to be informed of the risks associated with the loss of this media and of the steps that they can take to protect themselves."
"The Louisiana Office of Student Financial Assistance is working diligently to notify all potentially affected individuals. LOSFA has set up a call center and a web site to advise them of ways to protect their privacy," said Amrhein. She added that LOSFA has contracted with a nationally recognized organization specializing in the field of identity theft to assist it in providing the best information available to LOSFA's clients.
LOSFA urges anyone who falls into the following categories to log on to http://www.osfa.la.gov/Notice.htm or to call (1-800-645-7990) to learn what steps can be taken to minimize the potential risk of identity theft:
" Anyone who has a Louisiana College Savings account (START Saving Program).
" Any resident of the state of Louisiana who has completed a Free Application for Federal Student Aid (FAFSA).
" Anyone has who completed a FAFSA and included a Louisiana postsecondary institution as an institution to which FAFSA data should be sent.
" Anyone who has applied for or received a Tuition Opportunity Program for Students (TOPS) Scholarship.
" Anyone who has applied for or who has received student financial aid in the State of Louisiana.
"LOSFA is committed to ensuring data security for our clients, and is taking all steps necessary to help those who are affected. We will make ongoing efforts to safeguard our clients' personal privacy." Amrhein continued. "Details regarding the lost data must remain confidential to ensure that the opportunity to use the data is minimized. Once deemed appropriate, further information will be released."
Iron Mountain Incorporated has notified the Louisiana Office of Student Financial Assistance (LOSFA) that it lost back-up media belonging to LOSFA on September 19, 2007. Iron Mountain Incorporated, a private, international data storage company that the State of Louisiana contracts with to store its data, began efforts to locate the media the same day after discovering the loss. LOSFA immediately reported the incident to appropriate state authorities and has begun its public notifications. To date, the media has not been found, and the investigations by state and local law enforcement are ongoing.
The lost media includes some personal information on individuals participating in, or considered for participation in, programs administered by LOSFA. The data is compressed and requires special software, specific computer equipment and sophisticated computer skills to access it.
"We have no reason to believe that the information has been accessed or that it has been misused in any way," said Melanie Amrhein, Executive Director of the Louisiana Office of Student Financial Assistance. "However, we believe that our clients are entitled to be informed of the risks associated with the loss of this media and of the steps that they can take to protect themselves."
"The Louisiana Office of Student Financial Assistance is working diligently to notify all potentially affected individuals. LOSFA has set up a call center and a web site to advise them of ways to protect their privacy," said Amrhein. She added that LOSFA has contracted with a nationally recognized organization specializing in the field of identity theft to assist it in providing the best information available to LOSFA's clients.
LOSFA urges anyone who falls into the following categories to log on to http://www.osfa.la.gov/Notice.htm or to call (1-800-645-7990) to learn what steps can be taken to minimize the potential risk of identity theft:
" Anyone who has a Louisiana College Savings account (START Saving Program).
" Any resident of the state of Louisiana who has completed a Free Application for Federal Student Aid (FAFSA).
" Anyone has who completed a FAFSA and included a Louisiana postsecondary institution as an institution to which FAFSA data should be sent.
" Anyone who has applied for or received a Tuition Opportunity Program for Students (TOPS) Scholarship.
" Anyone who has applied for or who has received student financial aid in the State of Louisiana.
"LOSFA is committed to ensuring data security for our clients, and is taking all steps necessary to help those who are affected. We will make ongoing efforts to safeguard our clients' personal privacy." Amrhein continued. "Details regarding the lost data must remain confidential to ensure that the opportunity to use the data is minimized. Once deemed appropriate, further information will be released."
Labels: Iron Mountain Inc, LOSFA
Team 5 Investigates Confirms 10,000 Employees At Risk
Team 5 Investigates Confirms 10,000 Employees At Risk
POSTED: 3:23 pm EDT October 16, 2007
UPDATED: 5:38 pm EDT October 16, 2007
BOSTON -- Team 5 Investigates has confirmed that a Home Depot laptop containing the personal information of 10,000 employees has been stolen from the home of a worker in Massachusetts.
NewsCenter 5's Sean Kelly reported Tuesday that employees nationwide are potentially impacted.
Home Depot is the world's largest home improvement store.
The retailer tells Team 5 Investigates it is confident that this personal information was not the thief's target, but that is little consolation to thousands of Home Depot workers, including Anthony Garro, of Salem. He and his wife both received letters from Home Depot headquarters in Atlanta telling them that their personal information may be in the wrong hands.
"They can get your Social Security number, date of birth, you know. They can open up an account, anything," Garro said.
Garro is currently on disability, but has worked for Home Depot for approximately eight years in the hardware and millwork departments.
Team 5 Investigates has confirmed that the laptop was stolen from the personal car of an unnamed Massachusetts employee, while the car was parked at his residence. Home Depot will not disclose the city or town.
When asked if he is worried about his personal information being stolen, Garro said, "Definitely,"
"How did it get missing? Who did it? Sure, they're investigating it, but they're not letting us know," he said.
The letter from Home Depot said, "Recently, a password protected laptop was stolen, which may have contained your name, SSN and in some cases, your address."
Home Depot said it regrets any inconvenience and is offering free credit monitoring for a year.
The home improvement giant is just the latest organization to lose personal data via a stolen laptop. The Transportation Security Administration, Yale University, Veterans Affairs Administration are among those hit recently, leaving tens of thousands of people nationwide to watch their accounts, and wait for any sign of misuse.
"It's their problem, it's their fault," Garro said. "Why should we have to go online, take our time to do everything? I think that's wrong."
So far, Home Depot said they know of no efforts to misuse these employees' personal information. They are cooperating with police here in Massachusetts, hoping to recover this stolen laptop.
POSTED: 3:23 pm EDT October 16, 2007
UPDATED: 5:38 pm EDT October 16, 2007
BOSTON -- Team 5 Investigates has confirmed that a Home Depot laptop containing the personal information of 10,000 employees has been stolen from the home of a worker in Massachusetts.
NewsCenter 5's Sean Kelly reported Tuesday that employees nationwide are potentially impacted.
Home Depot is the world's largest home improvement store.
The retailer tells Team 5 Investigates it is confident that this personal information was not the thief's target, but that is little consolation to thousands of Home Depot workers, including Anthony Garro, of Salem. He and his wife both received letters from Home Depot headquarters in Atlanta telling them that their personal information may be in the wrong hands.
"They can get your Social Security number, date of birth, you know. They can open up an account, anything," Garro said.
Garro is currently on disability, but has worked for Home Depot for approximately eight years in the hardware and millwork departments.
Team 5 Investigates has confirmed that the laptop was stolen from the personal car of an unnamed Massachusetts employee, while the car was parked at his residence. Home Depot will not disclose the city or town.
When asked if he is worried about his personal information being stolen, Garro said, "Definitely,"
"How did it get missing? Who did it? Sure, they're investigating it, but they're not letting us know," he said.
The letter from Home Depot said, "Recently, a password protected laptop was stolen, which may have contained your name, SSN and in some cases, your address."
Home Depot said it regrets any inconvenience and is offering free credit monitoring for a year.
The home improvement giant is just the latest organization to lose personal data via a stolen laptop. The Transportation Security Administration, Yale University, Veterans Affairs Administration are among those hit recently, leaving tens of thousands of people nationwide to watch their accounts, and wait for any sign of misuse.
"It's their problem, it's their fault," Garro said. "Why should we have to go online, take our time to do everything? I think that's wrong."
So far, Home Depot said they know of no efforts to misuse these employees' personal information. They are cooperating with police here in Massachusetts, hoping to recover this stolen laptop.
Labels: Home Depot, Team 5 Investigates
Fasthosts customer? Change your password now
Fasthosts customer? Change your password now
By Chris Williams
Published Thursday 18th October 2007 11:26 GMT
Updated Fasthosts, "the UK's number 1 web host", has fired off emergency emails telling customers to change all their passwords after police were called in to investigate a major data breach.
The Gloucester-based firm contacted The Reg this morning with a statement. It said: "As the breach could relate to Fasthosts customer data... Fasthosts has subsequently reviewed and updated its security and worked with external security experts to ensure that all data held by Fasthosts is secure.
"As a precautionary measure, Fasthosts has asked its customers to update their passwords. This includes their control panel, email, FTP, and database passwords, all of which can be changed via the customer control panel. Fasthosts has now implemented customer password encryption to further protect customer data."
We've asked Fasthosts why the passwords were not encrypted in the first place. It said: "Historically, Internet companies have rarely encrypted passwords to aid customer service."
Fasthosts said that the attack affected one server at its headquarters, and added that a system-wide audit had identified and closed the hole where the intruder gained access.
It apologised for any "concern or inconvenience" caused by the intrusion. The statement said: "Fasthosts considers that its practices and procedures are up to date, and represent good practice in continually protecting the security of its customer data, and the company remains fully confident in its ability to do so."
The security flap comes directly after Fasthosts angered its email customers by permanently deleting mail and not immediately telling them. ®
Update
We asked Fasthosts for more detail about the chain of events. It says it can't reveal more details of the timings because of the ongoing police inquiry, but sent us a further statement:
Detection systems revealed that an unauthorized third party gained access to some of our internal systems via network connections. This security breach was only possible because of a security vulnerability which was forced illegally.
As we are currently working with the police and other relevant industry bodies to apprehend the intruder, we regret that we are unable to comment on any details that might prejudice the ongoing investigation.
Fasthosts has been working with the police and other relevant authorities since we became aware of the intrusion.
By Chris Williams
Published Thursday 18th October 2007 11:26 GMT
Updated Fasthosts, "the UK's number 1 web host", has fired off emergency emails telling customers to change all their passwords after police were called in to investigate a major data breach.
The Gloucester-based firm contacted The Reg this morning with a statement. It said: "As the breach could relate to Fasthosts customer data... Fasthosts has subsequently reviewed and updated its security and worked with external security experts to ensure that all data held by Fasthosts is secure.
"As a precautionary measure, Fasthosts has asked its customers to update their passwords. This includes their control panel, email, FTP, and database passwords, all of which can be changed via the customer control panel. Fasthosts has now implemented customer password encryption to further protect customer data."
We've asked Fasthosts why the passwords were not encrypted in the first place. It said: "Historically, Internet companies have rarely encrypted passwords to aid customer service."
Fasthosts said that the attack affected one server at its headquarters, and added that a system-wide audit had identified and closed the hole where the intruder gained access.
It apologised for any "concern or inconvenience" caused by the intrusion. The statement said: "Fasthosts considers that its practices and procedures are up to date, and represent good practice in continually protecting the security of its customer data, and the company remains fully confident in its ability to do so."
The security flap comes directly after Fasthosts angered its email customers by permanently deleting mail and not immediately telling them. ®
Update
We asked Fasthosts for more detail about the chain of events. It says it can't reveal more details of the timings because of the ongoing police inquiry, but sent us a further statement:
Detection systems revealed that an unauthorized third party gained access to some of our internal systems via network connections. This security breach was only possible because of a security vulnerability which was forced illegally.
As we are currently working with the police and other relevant industry bodies to apprehend the intruder, we regret that we are unable to comment on any details that might prejudice the ongoing investigation.
Fasthosts has been working with the police and other relevant authorities since we became aware of the intrusion.
Labels: Fasthosts
2 TSA contractor laptops with personal information are missing
2 TSA contractor laptops with personal information are missing
By EILEEN SULLIVAN, The Associated Press
2007-10-15 21:25:49.0
Current rank: Not ranked
WASHINGTON -
Two laptop computers with detailed personal information about commercial drivers across the country who transport hazardous materials are missing and considered stolen.
The laptops belong to a contractor working for the Transportation Security Administration and contain the names, addresses, birthdays, commercial driver's license numbers and, in some cases, Social Security numbers of 3,930 people, according to an Oct. 12 letter from TSA to lawmakers.
The contractor, Integrated Biometric Technology, told TSA that the personal information was deleted from the computers before they were stolen, the letter stated. But after the second laptop was stolen, TSA investigators discovered that a person with data recovery skills could recover the personal information that the contractor deleted. TSA spokesman Christopher White said none of the information on the computers has been misused.
News of the security breach came the day before TSA begins collecting similar personal information from employees with access to areas at the port of Wilmington, Del. The Transportation Worker Identification Credential program is set to launch in Wilmington on Tuesday. Eventually 750,000 employees across the country with access to port areas will be required to submit information for background checks.
"We're outraged that on the eve of expanded worker screening for port workers, it appears that TSA and its contractors failed to protect the confidential information of other transportation workers who underwent similar background checks," said Edward Wytkind, president of the AFL-CIO's transportation trades department. But White said the TWIC program would be run through TSA computers and not the contractor's.
Since the two laptops were stolen, TSA has instructed the contractor to fully encrypt hard drives. The TSA program, called the Hazardous Materials Endorsement Threat Assessment, collects information for security-clearance purposes for any driver who transports hazardous materials. These assessments were mandated in the Patriot Act. Integrated Biometric Technology will provide one year of free credit-monitoring services to the 3,930 people affected.
Earlier this year, TSA lost a computer hard drive with sensitive bank and payroll data for 100,000 employees. The hard drive contained historical payroll data, Social Security numbers, dates of birth, addresses, time and leave data, bank account and routing information, and details about financial allotments and deductions.
"It would be nice if the department in charge of homeland security would actually be able to secure the data on their own computers," said Rep. Ed Markey, D-Mass. "Right now, the department's data privacy track record falls far short of what DHS employees and the American public expect and deserve."
By EILEEN SULLIVAN, The Associated Press
2007-10-15 21:25:49.0
Current rank: Not ranked
WASHINGTON -
Two laptop computers with detailed personal information about commercial drivers across the country who transport hazardous materials are missing and considered stolen.
The laptops belong to a contractor working for the Transportation Security Administration and contain the names, addresses, birthdays, commercial driver's license numbers and, in some cases, Social Security numbers of 3,930 people, according to an Oct. 12 letter from TSA to lawmakers.
The contractor, Integrated Biometric Technology, told TSA that the personal information was deleted from the computers before they were stolen, the letter stated. But after the second laptop was stolen, TSA investigators discovered that a person with data recovery skills could recover the personal information that the contractor deleted. TSA spokesman Christopher White said none of the information on the computers has been misused.
News of the security breach came the day before TSA begins collecting similar personal information from employees with access to areas at the port of Wilmington, Del. The Transportation Worker Identification Credential program is set to launch in Wilmington on Tuesday. Eventually 750,000 employees across the country with access to port areas will be required to submit information for background checks.
"We're outraged that on the eve of expanded worker screening for port workers, it appears that TSA and its contractors failed to protect the confidential information of other transportation workers who underwent similar background checks," said Edward Wytkind, president of the AFL-CIO's transportation trades department. But White said the TWIC program would be run through TSA computers and not the contractor's.
Since the two laptops were stolen, TSA has instructed the contractor to fully encrypt hard drives. The TSA program, called the Hazardous Materials Endorsement Threat Assessment, collects information for security-clearance purposes for any driver who transports hazardous materials. These assessments were mandated in the Patriot Act. Integrated Biometric Technology will provide one year of free credit-monitoring services to the 3,930 people affected.
Earlier this year, TSA lost a computer hard drive with sensitive bank and payroll data for 100,000 employees. The hard drive contained historical payroll data, Social Security numbers, dates of birth, addresses, time and leave data, bank account and routing information, and details about financial allotments and deductions.
"It would be nice if the department in charge of homeland security would actually be able to secure the data on their own computers," said Rep. Ed Markey, D-Mass. "Right now, the department's data privacy track record falls far short of what DHS employees and the American public expect and deserve."
Labels: Transportation Security Admin.
Former IT Admin Convicted of Sabotage
Former IT Admin Convicted of Sabotage
Disgruntled staffer faces 10 years in jail after destroying payroll and HR files at Pentastar
OCTOBER 11, 2007 | 5:15 PM
By Tim Wilson
Site Editor, Dark Reading
Joseph Patrick Nolan faces 10 years in prison and a $250,000 fine today after being convicted of destroying critical payroll and personnel data at Pentastar Aviation LLC, his former employer.
Nolan, a 26-year-old IT worker, resigned from Pentastar on January 15 of this year, according to court documents. He was told that he would not have to work during the two weeks' notice he had given the company -- as long as he signed a separation agreement by January 26, which he failed to do.
On January 30, Nolan called Pentastar's human resources department, inquiring about his final paycheck. Nolan was told that he would not receive the check, because he hadn't signed the separation agreement.
On February 1, the disgruntled Nolan gained unauthorized access to Pentastar's computer systems and effectively obliterated a drive that contained all of the company's payroll and personnel records, according to court documents.
Pentastar, a private company that offers a wide variety of aviation maintenance, leasing, and catering services, spent about $30,000 to repair the damage, according to court documents. The court filings do not say exactly how he accomplished the feat, or how the data was recovered.
Nolan will be sentenced on January 24.
Disgruntled staffer faces 10 years in jail after destroying payroll and HR files at Pentastar
OCTOBER 11, 2007 | 5:15 PM
By Tim Wilson
Site Editor, Dark Reading
Joseph Patrick Nolan faces 10 years in prison and a $250,000 fine today after being convicted of destroying critical payroll and personnel data at Pentastar Aviation LLC, his former employer.
Nolan, a 26-year-old IT worker, resigned from Pentastar on January 15 of this year, according to court documents. He was told that he would not have to work during the two weeks' notice he had given the company -- as long as he signed a separation agreement by January 26, which he failed to do.
On January 30, Nolan called Pentastar's human resources department, inquiring about his final paycheck. Nolan was told that he would not receive the check, because he hadn't signed the separation agreement.
On February 1, the disgruntled Nolan gained unauthorized access to Pentastar's computer systems and effectively obliterated a drive that contained all of the company's payroll and personnel records, according to court documents.
Pentastar, a private company that offers a wide variety of aviation maintenance, leasing, and catering services, spent about $30,000 to repair the damage, according to court documents. The court filings do not say exactly how he accomplished the feat, or how the data was recovered.
Nolan will be sentenced on January 24.
Labels: Pentastar
Study Reveals New Findings About Identity Theft Perpetrators
Study Reveals New Findings About Identity Theft Perpetrators
10/22/2007 UTICA, N.Y. - Identity thieves are typically young, work solo and rely on the Internet for fewer than one-fifth of their crimes, according to a new study of Secret Service cases.
The Center for Identity Management and Information Protection also found that "insider" employees were the offenders in just one-third of the cases. Employees who stole identity information often worked in the retail industry, the report found.
"There are some common perceptions we have that identity theft involves a person sitting at a computer hacking into corporate or individual computers. ... Certainly it is happening, but it is a crime that is happening in a multitude of ways, some of it as simple as stealing mail out of a mailbox," said Gary Gordon, a professor of economic crime programs who founded and heads the center at Utica College.
The Department of Justice-funded study, which was to be released Monday at a news conference in Washington, D.C., differs from previous studies because it focused on identity thieves and their methods, rather than victims, said Michael Stenger, Assistant Director of Investigations for the Secret Service, which agreed to open its case files to the center.
Researchers reviewed 517 cases closed by the Secret Service between 2000 and 2006. Two-thirds of the cases were concentrated in the Northeast and South and there were 933 defendants. The Federal Trade Commission has said about 3 million Americans have their identities stolen annually.
The study found that 42.5 percent of offenders were between the ages of 25 and 34. Another 18 percent were between the ages of 18 and 24. Two-thirds of the identity thieves were male.
Nearly a quarter of the offenders were born outside the United States.
Eighty percent of the cases involved an offender working solo or with a single partner, the report found.
While identity thieves used a wide combination of methods, fewer than 20 percent of the crimes involved the Internet. The most frequently used non-technological method was the rerouting of mail through change of address cards. Other prevalent non-technological methods were mail theft and dumpster diving.
Of the 933 offenders, 609 said they initiated their crime by stealing fragments of personal identifying information, as opposed to stealing entire documents, such as bank cards or driver's licenses.
Most of the offenses were committed by non-employees who victimized strangers. Employee insiders were the offenders in just one-third of the 517 cases. When an employee did commit identity theft, the offenders were employed in a retail business in two out of every five instances, the report said. Stores, gas stations, car dealerships, casinos, restaurants, hotels, doctors and hospitals were all considered retail operations in the study.
In about a fifth of the cases, the employee worked in the financial services industry.
"This is important research," said Ann Wallace, executive director of the Identity Theft Assistance Center, a national nonprofit group that helps victims and law enforcement agencies fight identity theft crimes.
Wallace had not read the study but said she was familiar with its findings, which were "consistent with what we hear from victims."
"We have to know more about the crime in order to fight it. This will help law enforcement understand the problem and it will help consumers better understand the risk."
10/22/2007 UTICA, N.Y. - Identity thieves are typically young, work solo and rely on the Internet for fewer than one-fifth of their crimes, according to a new study of Secret Service cases.
The Center for Identity Management and Information Protection also found that "insider" employees were the offenders in just one-third of the cases. Employees who stole identity information often worked in the retail industry, the report found.
"There are some common perceptions we have that identity theft involves a person sitting at a computer hacking into corporate or individual computers. ... Certainly it is happening, but it is a crime that is happening in a multitude of ways, some of it as simple as stealing mail out of a mailbox," said Gary Gordon, a professor of economic crime programs who founded and heads the center at Utica College.
The Department of Justice-funded study, which was to be released Monday at a news conference in Washington, D.C., differs from previous studies because it focused on identity thieves and their methods, rather than victims, said Michael Stenger, Assistant Director of Investigations for the Secret Service, which agreed to open its case files to the center.
Researchers reviewed 517 cases closed by the Secret Service between 2000 and 2006. Two-thirds of the cases were concentrated in the Northeast and South and there were 933 defendants. The Federal Trade Commission has said about 3 million Americans have their identities stolen annually.
The study found that 42.5 percent of offenders were between the ages of 25 and 34. Another 18 percent were between the ages of 18 and 24. Two-thirds of the identity thieves were male.
Nearly a quarter of the offenders were born outside the United States.
Eighty percent of the cases involved an offender working solo or with a single partner, the report found.
While identity thieves used a wide combination of methods, fewer than 20 percent of the crimes involved the Internet. The most frequently used non-technological method was the rerouting of mail through change of address cards. Other prevalent non-technological methods were mail theft and dumpster diving.
Of the 933 offenders, 609 said they initiated their crime by stealing fragments of personal identifying information, as opposed to stealing entire documents, such as bank cards or driver's licenses.
Most of the offenses were committed by non-employees who victimized strangers. Employee insiders were the offenders in just one-third of the 517 cases. When an employee did commit identity theft, the offenders were employed in a retail business in two out of every five instances, the report said. Stores, gas stations, car dealerships, casinos, restaurants, hotels, doctors and hospitals were all considered retail operations in the study.
In about a fifth of the cases, the employee worked in the financial services industry.
"This is important research," said Ann Wallace, executive director of the Identity Theft Assistance Center, a national nonprofit group that helps victims and law enforcement agencies fight identity theft crimes.
Wallace had not read the study but said she was familiar with its findings, which were "consistent with what we hear from victims."
"We have to know more about the crime in order to fight it. This will help law enforcement understand the problem and it will help consumers better understand the risk."
Labels: Center for Identity Management and Information
