Tag Archives: personally identifiable information

Breach Brief – Government Payment Service Inc.

Government Payment Service Inc, doing business as GovPayNow.com has suffered a data breach reaching back to 2012. The service accepts online payments for over 2,300  local governments in 35 states. It handles payments for court-ordered fines, traffic tickets and licensing fees. KrebsonSecurity.com reported that more than 14 million customer records may have been compromised.   Names, addresses, phone numbers and the last four digits of credit cards is among the compromised data.

Notified of the leak by KrebsOnSecurity.com, GovPayNow.com learned that records could be accessed by manipulating the digits in the web address displayed by each receipt. The payment site released a statement saying it had corrected a “potential issue,” adding while there was “no indication that any improperly accessed information was used to harm any customer” the company has updated its systems to prevent the situation from repeating itself.

According to GovPayNow.com the information is public record and can accessed by other methods.

 

 

Breach Brief – Macy’s, Adidas

Macy’s department stores has reported a data breach of customer data. The breach affects Macy’s online customers and exposed names, addresses, phone numbers, email addresses, birthdays, and credit and debit card numbers with expiration dates. Macy’s pointed out that it does not store credit verification values (CVV) or Social Security numbers in its online customer profiles. Macy’s has reported the data breach and exposed card numbers to payment processors Visa, MasterCard, American Express and Discover. Macy’s has not said how many customers are impacted.

According to Macy’s the breach took place between April 26 and June 12. The company reported that an “unauthorized third party” had obtained usernames and passwords and were able to log into Macy’s and subsidiary’s Bloomingdale’s shopper’s online profiles. It is not known how the hackers got the information. Macy’s reported the breach in a letter to the New Hampshire Attorney General’s Office on July 2nd.

Macy’s has frozen any customer profiles with suspicious activity until the customers change their passwords.

“We have investigated the matter thoroughly, addressed the cause and, as a precaution, have implemented additional security measures,” the company said in a statement. “Macy’s, Inc. will provide consumer protection services at no cost to those customers. We have contacted potentially impacted customers with more information about these services.”

 

Adidas

Adidas, maker of sportswear and equipment, issued a warning to online shoppers in the U.S. that their personal information may have been compromised as a result a suspected data breach.  Adidas first became aware of the incident on June 26 and analysts are saying that potentially millions of customers could be affected.

A preliminary investigation revealed that the hacker may have stolen customer’s contact information, usernames and encrypted passwords. Adidas does not believe any credit card or health and fitness information was compromised.

A statement on Adidas’ website read; “According to the preliminary investigation, the limited data includes contact information, usernames and encrypted passwords. Adidas has no reason to believe that any credit card or fitness information of those consumers was impacted.” The company is in the process of notifying affected customers.

Breach Brief – TIO Networks

TIO Networks, owned by PayPal has suffered a data breach that may have compromised the personally identifiable  information or PII of up to 1.6 million customers. TIO suspended operations on November 10th to investigate “security vulnerabilities” in its payment platform.

According to PayPal customer information compromised in the breach include names, addresses, bank-account details, Social Security numbers and account login details.

TIO Networks is a Canadian company that processes payments from under served or un-banked communities. In 2016 the company processed more than $7 billion in consumer bills. TIO serves 14 million consumer bill pay accounts. Many of these consumers are poor or receive some form of public assistance using state issued EBT Cards. According to the Federal Deposit Insurance Corporation(FDIC) about 7 percent of the U.S. households are considered un-banked

The company has more than 10,000 supported billers.  TIO allows establishments like  convenience stores, supermarkets and even liquor stores to quickly process payments to  telecom, wireless, cable and utility companies. TIO’s offers more than 900 self-service kiosks and approximately 65,000 retail walk-in locations as well as mobile and web solutions.

PayPal purchased TIO Networks in July for $238 million in cash. According to PayPal its payments platform is not impacted in any way. TIO systems are completely separate from PayPal and PayPal’s customers’ data remains secure.

TIO is working with the companies it services to notify potential victims affected by the breach. These consumers will be contacted directly and receive instructions on how to sign up for credit monitoring offered by PayPal.

 

Breach Brief – Wendy’s, Centene

Wendy's_logo_2012.svg

January 29, 2016

Wendy’s

Yet another point-of-sale system appears to have been hacked. Wendy’s fast food restaurant reports that its POS system has come under suspicion for a possible breach of customer card data.

Wendy’s spokesman Bob Bertini said, “We have received this month from our payment industry contacts reports of unusual activity involving payment cards at some of our restaurant locations. Reports indicate that fraudulent charges may have occurred elsewhere after the cards were legitimately used at some of our restaurants. We’ve hired a cybersecurity firm and launched a comprehensive and active investigation that’s underway to try to determine the facts.” Bertini did not name the security firm that is working with Wendy’s

According to Krebs on Security the first reports of the suspicious activity on customer’s cards came from financial institutions in the mid-west. However reports have begun to surface from banks on the east and west coasts. Currently there is no information on how many restaurants are affected.

Krebs On Security first reported the incident and believes that the restaurant’s POS system may have been infected by malware that collected credit card numbers. Wendy’s is not alone when it come to this type of attack.  Other restaurants and retailers hit by this style of attack include Jimmy John’s, Landry’s, P.F. Chang’s, Dairy Queen, Chick-fil-A, retail giant Target and Home Depot.

Wendy’s operates approximately 6,500 franchise and company-operated restaurants in the United States and 28 countries and U.S. territories worldwide.

Centene_Corporation_Logo.svg

Centene

The health insurer Centene is desperately searching for six hard drives that contain the personal information of over 1 million of its customers. The company has admitted to an “ongoing comprehensive internal search” for missing hard drives. 

St. Louis based Centene said the missing hard drives contain personal data about people who received laboratory services between 2009 and 2015. The drives contain patient information including names, addresses, dates of birth, social security numbers, member ID numbers and health information. According to Centene CEO Michael F. Neidorff, the company doesn’t believe the information has been used “inappropriately.”

Customer affected by the data loss will receive free credit and healthcare monitoring. 

The healthcare industry continues to be plagued by massive data breaches. For more on this topic please see;

Large-Scales Hacks Cause 98% of Leaked Healthcare Records.

Over 113 Million Healthcare Records Breached in 2015, Up Ten Fold from 2014

One in Three Americans are Victims of Healthcare Data Breaches

Identity Thieves Pray on Patient’s Medical Records

Understanding Medical Data Breaches

canstockphoto24985079Medical data breaches are constantly in the news.  According to iHealthBeat.org 1 in 10 U.S. residents have been impacted by a medical data breach. It is highly likely that millions of African-Americans have been the victim of a medical data breach and probably don’t know it. The sad news is that this has become common.

We need to understand a few things about data breaches. First, what is a data breach? What kind of data breaches are there? How many people are affected and how do you fight back if you think your data has been compromised.

Put simply a data breach is an incident where sensitive, protected or confidential information has been exposed, stolen or utilized by unauthorized individuals often to commit some type of crime.

What kind of data breaches are there? Data breaches may expose personal health information (PHI) this is a medical data breach.  Personally identifiable information (PII) is information that, on its own or combined with other information can be used to identify, contact, or locate a person, or identify an individual in context. Finally there is a data breach that exposes trade secrets or intellectual property. This usually affects businesses and sometimes falls known as industrial espionage.

Medical data breaches often involve massive numbers of people and personal information records. Here are the largest medical data breaches so far this year. Look carefully, your insurance company may be on the list.

Keep in mind that medical insurance companies are not alone when it comes to data breaches. Hospitals and health service providers are a prime target for medical data hackers. The HIPAA Act covers most medical facilities. HIPAA is the federal Health Insurance Portability and Accountability Act of 1996. The law is intended to make it easier for people to keep health insurance, protect the confidentiality and security of healthcare information and help the healthcare industry control administrative costs.

According to Datapipe.com these are the largest HIPAA data breaches of  2014.

According to a report released by KPMG 81 percent of health insurance providers and hospitals have had a data breach. The survey revealed,

  • 15 percent of healthcare organizations have no one whose sole responsibility is information security.
  • 23 percent do not have a security operations center to identify and evaluate threats.
  • 55 percent say they have a hard time staffing their organization.

Why is medical data so valuable? Medical records are ten times more valuable to hackers than your credit cards.

Your medical information is a gold mine. You probably have medical information spread over several doctor’s offices, medical services and hospitals including your dentist, pharmacy and physical therapist. These records contain information such as your Social Security number, address and phone number, email, next of kin information, phone numbers, information about your children or spouse, payment information, insurance information, and much more.

Hackers use stolen medical and insurance data to create fake IDs, buy medical equipment or drugs that they can re-sell and file fraudulent claims with insurance providers. Hackers also have more time to use stolen data to commit fraud because medical identity theft is not immediately apparent.  And mostly because these records are easy targets. According to the KMPG report hospitals and medical insururance companies are poor protectors of your information. According to the security firm Symantec health care providers saw a 72 percent increase in cyberattacks from 2013 to 2014, Health care companies are required by law to publicly disclose big health data breaches. There were more than 270 such disclosures in the last two years.

So how can African-Americans avoid the theft of their medical information?

  • If your wallet is lost or stolen, make sure your insurer(s) are notified along with your financial institutions.
  • Carefully examine all medical bills and insurance statements you receive. Look for fees from health care providers you do not recognize or statements describing benefits paid out for services you did not obtain.
  • Consider an identity protection service which will help you detect most kinds of identity theft, including medical, much earlier than you might on your own and assist you through the fraud resolution process if your information is stolen.
  • Always be alert to strange phone calls or emails from people asking medical questions or insurance questions, especially if you do not know the company.
  • Alert your caregivers of any suspicious calls or activity regarding your care.
  • Keep a close watch on your credit and banking resources. Alert you financial institutions of any suspicious or fraudulent activity.
  • Take full advantage of credit monitoring services if offered.

The loss of medical data can have a devasating personal impact. An unlucky victim may have their medical insurance coverage cancelled or suspended due to fraudulent claims. Insurance premiums may skyrocket. Others may have their identity stolen completely. Changes, intentional or accidental, to medical records could result in mis-diagnosis or mis-treatment of illnesses. Pay attention to data breach notifications. The African American Cyber Report is an excellent source for the latest breach notifications.

Know you know

 

Breach Brief – IRS Data Breach, Ashley Madison Update

August 24, 2015 

IRS Breach

IRS_LogoThe Internal Revenue Service (IRS) widened the scope of the breach first announced in May. The government agency is saying that as many as 390,000 taxpayers are now at risk. The hack was centered around the IRS’ Get Transcript system.

The IRS suspended the Get Transcript online service in May. The service was intended to simplify how taxpayers retrieve their tax records, review their tax account transactions, get line-by-line tax return information or wage and income reported to the IRS for a specific tax year.  Hackers circumvented the Get Transcript’s authentication safeguards and are believed to have gained access to taxpayer information, including Social Security numbers.

According to an August 17th statement the IRS stepped up its investigation of the breach. A deeper review of the compromised system included analyzing over 23 million system uses, including the 2015 filing season. Investigators were looking for suspicious activities and identified “more questionable attempts” to obtain taxpayer records through the Web application.

No details were provided on how the agency uncovered the additional taxpayer account breaches. But it is believed that the hackers were very skillful and probably covered their tracks to make it more made it difficult for the tax agency to quickly assess the extent of the breach.

Update-Ashley Madison Breach

ashley-madison-hed-2014Hackers who stole profile and customer data from Ashley Madison have released the data online. According to multiple reports a 10GB file of customer’s personal data including email addresses, member profiles and transaction data is now available online. Some reports say as many as 32 million customer’s information was released including one million UK civil servants, U.S. officials, members of the U.S. armed forces and top executives at European and North American corporations. There already reports of blackmail and divorce petitions because of the data release.

Impact Team, the hacker group claiming credit for the data theft,  released the data after Avid Life Media, which owns Ashley Madison and Established Men failed to meet demands that they permanently shut the sites down down. Cougar Life, another Avid Life Media site, was not mentioned and seems to be unaffected.

Additional information;

The Blackmail of Ashley Customer Has Already Begun

People are already starting divorce proceedings because of the Ashley Madison leak.

After the devastating hack, these lawsuits are threatening to wipe Ashley Madison out altogether.

A chart made from the leaked Ashley Madison data reveals which states in the US like to cheat the most.

The Pentagon Is Investigating the Ashley Madison Leak.

How to check if an account was exposed in the Ashley Madison hack

August 4, 2015

United Airlines

united_continental_logo_detAccording to Bloomberg Business United Airlines has reported that it’s customer flight records have been lost to a data breach.

The breach was detected in May or June of this year and involved flight manifests. Chinese hackers are suspected. These same Chinese hackers are suspected of stealing more than twenty million OPM records. Experts believe that Chinese intelligence is constructing a massive database.

United Airlines is one of the government’s largest contractors. It is believed that the stolen data contains vast amounts of information on military and government officials and federal employee’s travel.

Experts have also questioned a possible connection between the hack and the computer glitch that caused flight delays on July 8th. Evidence from the investigation reveal that hackers may have been inside United’s computers for months.

A spokesman for United Airlines declined to confirm that a breach occurred and insisted that customer’s private data is safe.

One of the major concerns is that hackers, tinkering with sensitive systems, could accidently or deliberately, cause massive flight delays or even cripple a major airline causing nationwide and potentially global aviation gridlock. Another concern is backdoors left inside computer networks that allow hackers back in at will.

United spokesman Luke Punzenberger said of customer information that United “would abide by notification requirements if the situation warranted.”

Medical Informatics Engineering

mielogolargeA data breach at Medical Informatics Engineering has compromised the data of over 3.9 million people nationwide. According MIE the information loss includes names, phone numbers, mailing addresses, user names, hashed passwords, security questions and answers, email addresses, birthdates, Social Security numbers, lab results, health insurance policy information, diagnoses, disability codes, doctors’ names, medical conditions, and spouses’ and childrens’ names and birthdates.

MIE creates electronic medical records software for health care providers and the result of the breach could impact as many as 11 healthcare providers including local, national and the federal government.

According to the company the hackers had access to the MIE servers for three weeks and have stolen the information to sell on the black market. Experts suspect the theft was likely and inside job.

MIE has reported the breach to the FBI Cyber squad and said the investigation into the security breach is ongoing. MIE  is offering free credit monitoring and identity theft protection. The company has established a toll free hotline available Monday-Friday 9:00AM-9:00PM EST at (866) 328-1987.

 July 28, 2015

Experian

ExperianLogo

Experian Credit Reporting Services is the target of a class action lawsuit filed in California. The amount is to be determined. According to the suit Experian was negligent and violated consumer protection laws because it failed to realize that for nearly a year a customer of it’s data brokerage subsidiary, Court Ventures, was actually a criminal gang specializing in selling consumer data to identity thieves. Experian purchased Court Vnetures in 2012.

The leader of the identity theft ring was sentenced to 13 years in prison last week in New Hampshire. Hieu Minh Ngo accessed as many as 200 million consumer records by posing as a private investigator based in the United States.

According to the government Ngo collected nearly $2 million from his scheme. The IRS has confirmed that 13,673 U.S. citizens had their personal information stolen and sold on Ngo’s websites Superget.info and Findget.me. The stolen identities were used to file over $65 million dollars in fraudulent tax returns.

Plaintiffs in the case have asked the court to compel Experian to notify all consumers affected by the breach, provide free credit monitoring services, turn over all profits made as a result of the Ngo relationship and to establish a fund to reimburse victims for the time and expenses of fighting fraud and correcting identity theft caused by customers of Ngo’s ID theft service.

U.S Census Bureau

2000px-Census_Bureau_seal.svgThe U.S. Census Bureau reported a data breach early last week. In a written statement released on Friday Census Bureau Director John H. Thompson said a database belonging to the Federal Audit Clearinghouse had been attacked. The FAC collects audit reports from the government agencies and other organizations spending federal money. 

According to Thompson the information included the names of people who submitted information, addresses, phone numbers, user names and other data. According the Bureau no household or business data was lost.

In the statement Thompson wrote that the intruders accessed the database through a configuration setting on an external IT system. That system is separate from the Census Bureau internal systems that stores census data.

In the statement Thompson went to say, “Over the last three days, we have seen no indication that there was any access to internal systems.”

The attack was apparently in protest of the Trans-Pacific Partnership and the Transatlantic Trade and Investment Partnership. Both are pending trade agreements that have been widely criticized. A group calling itself Anonymous Operations claimed credit for the breach and posted a link on Twitter to four of the stolen files.

July 20, 2015

Ashley Madison

ashley-madison-hed-2014A hacking group calling itself the Impact Team has hacked into the sex hookup website AshleyMadison.com.

According to Krebsonsecurity.com massive caches of customer and company data have been stolen and posted online. The group claims to have totally penetrated the company’s networks taking control of the company’s customer database of 37 millon users, financial records and other proprietary information. As a website dedicated to cheating spouses the damage could go well beyond lost data.

Avid Life Media, which in addition to Ashley Madison also owns hookup sites CougarLife.com and EstablishedMen.com, was attacked in retaliation for lying to customers. According to the Impact Team hackers ALM advertised to customers  a service allowing members to completely erase their profile information for a $19 fee. According to the hackers the company is not fully deleting user’s information including personally identifiable information, user’s purchase details and real name and address.

The hackers have demanded that Ashley Madison and Established Men websites be taken down immediately and permanently or more information will be released online.  The hackers are threatening to release customer records, including profiles with their secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails.

Avid Life Media CEO Noel Biderman believes the attack maybe the work of one or more persons, possibly an employee or contractor, who had legitimate access to the company’s network.

July 18, 2015

CVSPhoto.com, Costocophotocenter.com, RiteAid Photo, Sams Club, Walgreens & Tesco

CVS PhotoPNI Digital Media  is a third party vendor that handles transactions for these retailers according to KrebsOn Security.com PNI has suffered a data breach of unknown size. But it is known that customer payment information has been compromised.

Neither PNI nor any of the retailers connected with the breach have said much only saying that more information will be released as it becomes available. CVSPhoto.com took down its photo site and posted an announcement indicating an investigation is under way and that other CVS sites such as it’s pharmacy were unaffected by the breach. CVS has asked customers who used the photo service to check and monitor their card statements for suspicious activity or transactions. If anything looks strange they are to contact their bank or card company immediately to report it.

Costcophotocenter.com and RiteAid photo also took their sites down.

UCLA Health

UCLA Health has confirmed health information for as many as 4 million individuals has been exposed as a result of a data breach that may have began last September. The FBI is investigating and UCLA has hired a private forensics experts to beef up the security on it’s servers.

According to a UCLA Health statement released on Friday “criminal hackers” hacked into parts of the organization’s computer network containing personal and medical information.

UCLA Health began investigating suspicious activity on its networks in October of 2014. At the time they  did not believe the attackers gained access to areas of the network containing personal and medical information.

“As part of that ongoing investigation, on May 5, 2015, UCLA Health determined that the attackers had accessed parts of the network that contain personal information such as names, addresses, dates of birth, Social Security numbers, medical record numbers, Medicare or health plan ID numbers and some medical information. Based on the continuing investigation, it appears that the attackers may have had access to these parts of the network as early as September 2014. We continue to investigate this matter.”

Office of Personnel Management

Even though OPM suffered a data breach and the loss of information of 24 million Americans the government still has not notified those invividuals. Its been two months.

Officials from multiple agencies familiar with the investigation say that OPM is working with other agencies to set up a system to inform the victims.

An OPM official, who wishes to remain anonymous, said that because of the complicated nature of the data and movement of contract and federal employees it would be weeks before a mechanism was in place.

According to the official the government is attempting to establish a central notification system rather than rely on separate agencies to make notifications. An outside contractor  is being considered for the task but OPM has not yet asked for bids for the job.

July 16, 2015

OPM Data Breach

An interagenOPM Sealcy task force investigating April’s OPM hacking has determined with “high confidence” that as many as 21.5 million people had their personal information stolen. This includes social security numbers .

The Office of Personnel Management updated its website last Thursday with the startling new information.

According to the OPM 4.2 million former federal employees’ personnel data was stolen. While investigating that theft investigators found a much larger data theft. OPM has not yet notified the 19.7 million additional individuals affected. Those are the people who requested a background check normally for employment purposes or acces to classified information. An additional 1.8 were people were not job appicants but were either married to or co-habiting with an applicant.

In addition to personal information the hackers stole as many as one million fingerprint records.

Applicants who applied for employment had their user names and passwords for investigation forms stolen. It is also highly possible that information such as mental health history and financial history many have also been stolen. Applicants that were interviewed as part of their background investigations often reveal this sensitive information when applying for security clearences.

OPM attempted to take some of the sting from the bad news by saying “there is no evidence that health, financial, payroll, and retirement records of federal personnel or those who have applied for a federal job were impacted by this incident (for example, annuity rolls, retirement records, USAjobs, Employee Express).” The agency assures the public that it’s working to create safeguards to prevent such incidents in the future.

OPM Director Katherine Archuleta resigned her position last week after whitering criticism over the data breach.

Army National Guard Data Breach

Seal_of_the_United_States_Army_National_Guard.svgCurrent and former members of the Army National Guard members dating back to 2004 had personal information including social security numbers, birthdates and home addresses stolen. 

National Guard Spokesman Major Earl Brown, said “The National Guard Bureau takes the control of personal information very seriously,” said Brown. “After investigating the circumstances of these actions, and the information that was transferred, the Guard has determined, out of an abundance of caution, to inform current and past Guard personnel that their Personally Identifiable Information (PII) was among the files that were transferred.”

“The issue was identified and promptly reported, and we do not believe the data will be used unlawfully,” Brown said. “This was not a hacking incident, in which the intent was to use data for financial gain. Nonetheless, the Guard believes that individuals potentially affected need to know about the breach and what actions they can take to protect themselves from potential identity theft.”

If you are a member of the Nationa guard and need more information please  go to http://www.nationalguard.mil/Features/IdentityTheft.aspx or call  toll-free 877-276-4729 8AM to 4PM EST, Monday through Friday. You can also email any questions you have to dod.data.breach.questions@mail.mil

Breach Brief – United Airlines, Medical Informatics Engineering

August 4, 2015

United Airlines

united_continental_logo_detAccording to Bloomberg Business United Airlines has reported that it’s customer flight records have been lost to a data breach.

The breach was detected in May or June of this year and involved flight manifests. Chinese hackers are suspected. These same Chinese hackers are suspected of stealing more than twenty million OPM records. Experts believe that Chinese intelligence is constructing a massive database.

United Airlines is one of the government’s largest contractors. It is believed that the stolen data contains vast amounts of information on military and government officials and federal employee’s travel.

Experts have also questioned a possible connection between the hack and the computer glitch that caused flight delays on July 8th. Evidence from the investigation reveal that hackers may have been inside United’s computers for months.

A spokesman for United Airlines declined to confirm that a breach occurred and insisted that customer’s private data is safe.

One of the major concerns is that hackers, tinkering with sensitive systems, could accidently or deliberately, cause massive flight delays or even cripple a major airline causing nationwide and potentially global aviation gridlock. Another concern is backdoors left inside computer networks that allow hackers back in at will.

United spokesman Luke Punzenberger said of customer information that United “would abide by notification requirements if the situation warranted.”

Medical Informatics Engineering

mielogolargeA data breach at Medical Informatics Engineering has compromised the data of over 3.9 million people nationwide. According MIE the information loss includes names, phone numbers, mailing addresses, user names, hashed passwords, security questions and answers, email addresses, birthdates, Social Security numbers, lab results, health insurance policy information, diagnoses, disability codes, doctors’ names, medical conditions, and spouses’ and childrens’ names and birthdates.

MIE creates electronic medical records software for health care providers and the result of the breach could impact as many as 11 healthcare providers including local, national and the federal government.

According to the company the hackers had access to the MIE servers for three weeks and have stolen the information to sell on the black market. Experts suspect the theft was likely and inside job.

MIE has reported the breach to the FBI Cyber squad and said the investigation into the security breach is ongoing. MIE  is offering free credit monitoring and identity theft protection. The company has established a toll free hotline available Monday-Friday 9:00AM-9:00PM EST at (866) 328-1987.

 July 28, 2015

Experian

ExperianLogo

Experian Credit Reporting Services is the target of a class action lawsuit filed in California. The amount is to be determined. According to the suit Experian was negligent and violated consumer protection laws because it failed to realize that for nearly a year a customer of it’s data brokerage subsidiary, Court Ventures, was actually a criminal gang specializing in selling consumer data to identity thieves. Experian purchased Court Vnetures in 2012.

The leader of the identity theft ring was sentenced to 13 years in prison last week in New Hampshire. Hieu Minh Ngo accessed as many as 200 million consumer records by posing as a private investigator based in the United States.

According to the government Ngo collected nearly $2 million from his scheme. The IRS has confirmed that 13,673 U.S. citizens had their personal information stolen and sold on Ngo’s websites Superget.info and Findget.me. The stolen identities were used to file over $65 million dollars in fraudulent tax returns.

Plaintiffs in the case have asked the court to compel Experian to notify all consumers affected by the breach, provide free credit monitoring services, turn over all profits made as a result of the Ngo relationship and to establish a fund to reimburse victims for the time and expenses of fighting fraud and correcting identity theft caused by customers of Ngo’s ID theft service.

U.S Census Bureau

2000px-Census_Bureau_seal.svgThe U.S. Census Bureau reported a data breach early last week. In a written statement released on Friday Census Bureau Director John H. Thompson said a database belonging to the Federal Audit Clearinghouse had been attacked. The FAC collects audit reports from the government agencies and other organizations spending federal money. 

According to Thompson the information included the names of people who submitted information, addresses, phone numbers, user names and other data. According the Bureau no household or business data was lost.

In the statement Thompson wrote that the intruders accessed the database through a configuration setting on an external IT system. That system is separate from the Census Bureau internal systems that stores census data.

In the statement Thompson went to say, “Over the last three days, we have seen no indication that there was any access to internal systems.”

The attack was apparently in protest of the Trans-Pacific Partnership and the Transatlantic Trade and Investment Partnership. Both are pending trade agreements that have been widely criticized. A group calling itself Anonymous Operations claimed credit for the breach and posted a link on Twitter to four of the stolen files.

July 20, 2015

Ashley Madison

ashley-madison-hed-2014A hacking group calling itself the Impact Team has hacked into the sex hookup website AshleyMadison.com.

According to Krebsonsecurity.com massive caches of customer and company data have been stolen and posted online. The group claims to have totally penetrated the company’s networks taking control of the company’s customer database of 37 millon users, financial records and other proprietary information. As a website dedicated to cheating spouses the damage could go well beyond lost data.

Avid Life Media, which in addition to Ashley Madison also owns hookup sites CougarLife.com and EstablishedMen.com, was attacked in retaliation for lying to customers. According to the Impact Team hackers ALM advertised to customers  a service allowing members to completely erase their profile information for a $19 fee. According to the hackers the company is not fully deleting user’s information including personally identifiable information, user’s purchase details and real name and address.

The hackers have demanded that Ashley Madison and Established Men websites be taken down immediately and permanently or more information will be released online.  The hackers are threatening to release customer records, including profiles with their secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails.

Avid Life Media CEO Noel Biderman believes the attack maybe the work of one or more persons, possibly an employee or contractor, who had legitimate access to the company’s network.

July 18, 2015

CVSPhoto.com, Costocophotocenter.com, RiteAid Photo, Sams Club, Walgreens & Tesco

CVS PhotoPNI Digital Media  is a third party vendor that handles transactions for these retailers according to KrebsOn Security.com PNI has suffered a data breach of unknown size. But it is known that customer payment information has been compromised.

Neither PNI nor any of the retailers connected with the breach have said much only saying that more information will be released as it becomes available. CVSPhoto.com took down its photo site and posted an announcement indicating an investigation is under way and that other CVS sites such as it’s pharmacy were unaffected by the breach. CVS has asked customers who used the photo service to check and monitor their card statements for suspicious activity or transactions. If anything looks strange they are to contact their bank or card company immediately to report it.

Costcophotocenter.com and RiteAid photo also took their sites down.

UCLA Health

UCLA Health has confirmed health information for as many as 4 million individuals has been exposed as a result of a data breach that may have began last September. The FBI is investigating and UCLA has hired a private forensics experts to beef up the security on it’s servers.

According to a UCLA Health statement released on Friday “criminal hackers” hacked into parts of the organization’s computer network containing personal and medical information.

UCLA Health began investigating suspicious activity on its networks in October of 2014. At the time they  did not believe the attackers gained access to areas of the network containing personal and medical information.

“As part of that ongoing investigation, on May 5, 2015, UCLA Health determined that the attackers had accessed parts of the network that contain personal information such as names, addresses, dates of birth, Social Security numbers, medical record numbers, Medicare or health plan ID numbers and some medical information. Based on the continuing investigation, it appears that the attackers may have had access to these parts of the network as early as September 2014. We continue to investigate this matter.”

Office of Personnel Management

Even though OPM suffered a data breach and the loss of information of 24 million Americans the government still has not notified those invividuals. Its been two months.

Officials from multiple agencies familiar with the investigation say that OPM is working with other agencies to set up a system to inform the victims.

An OPM official, who wishes to remain anonymous, said that because of the complicated nature of the data and movement of contract and federal employees it would be weeks before a mechanism was in place.

According to the official the government is attempting to establish a central notification system rather than rely on separate agencies to make notifications. An outside contractor  is being considered for the task but OPM has not yet asked for bids for the job.

July 16, 2015

OPM Data Breach

An interagenOPM Sealcy task force investigating April’s OPM hacking has determined with “high confidence” that as many as 21.5 million people had their personal information stolen. This includes social security numbers .

The Office of Personnel Management updated its website last Thursday with the startling new information.

According to the OPM 4.2 million former federal employees’ personnel data was stolen. While investigating that theft investigators found a much larger data theft. OPM has not yet notified the 19.7 million additional individuals affected. Those are the people who requested a background check normally for employment purposes or acces to classified information. An additional 1.8 were people were not job appicants but were either married to or co-habiting with an applicant.

In addition to personal information the hackers stole as many as one million fingerprint records.

Applicants who applied for employment had their user names and passwords for investigation forms stolen. It is also highly possible that information such as mental health history and financial history many have also been stolen. Applicants that were interviewed as part of their background investigations often reveal this sensitive information when applying for security clearences.

OPM attempted to take some of the sting from the bad news by saying “there is no evidence that health, financial, payroll, and retirement records of federal personnel or those who have applied for a federal job were impacted by this incident (for example, annuity rolls, retirement records, USAjobs, Employee Express).” The agency assures the public that it’s working to create safeguards to prevent such incidents in the future.

OPM Director Katherine Archuleta resigned her position last week after whitering criticism over the data breach.

Army National Guard Data Breach

Seal_of_the_United_States_Army_National_Guard.svgCurrent and former members of the Army National Guard members dating back to 2004 had personal information including social security numbers, birthdates and home addresses stolen. 

National Guard Spokesman Major Earl Brown, said “The National Guard Bureau takes the control of personal information very seriously,” said Brown. “After investigating the circumstances of these actions, and the information that was transferred, the Guard has determined, out of an abundance of caution, to inform current and past Guard personnel that their Personally Identifiable Information (PII) was among the files that were transferred.”

“The issue was identified and promptly reported, and we do not believe the data will be used unlawfully,” Brown said. “This was not a hacking incident, in which the intent was to use data for financial gain. Nonetheless, the Guard believes that individuals potentially affected need to know about the breach and what actions they can take to protect themselves from potential identity theft.”

If you are a member of the Nationa guard and need more information please  go to http://www.nationalguard.mil/Features/IdentityTheft.aspx or call  toll-free 877-276-4729 8AM to 4PM EST, Monday through Friday. You can also email any questions you have to dod.data.breach.questions@mail.mil

Hackers Hit OPM Again!

OPM LogoUncle Sam’s Office of Personnel Management has suffered a major data breach.  The personnel records of as many as 4 million current and former federal employees may have been compromised.

According to a press release from the OPM the agency identified a cyber security incident involving personally identifiable information (PII) of federal employees. OPM says it is working with the Department of Homeland Security’s Computer Emergency Readiness Team or CERT and the Federal Bureau of Investigation (FBI) to determine the full impact to Federal personnel. The OPM manages security clearances and employee records for every federal agency.

The federal government is the nation’s largest employer with over  4.3 million people on the payroll. According to the OPM in 2012 the federal government employed a total of 332,850 African-Americans.

This is the second data breach for the OPM. The agency admitted to a previous breach in March of 2014.  The OPM claims it has implemented improved security since that breach and this new breach came before those new standards put in place. The previous breach has been blamed on Chinese hackers and according to the Washington Post, this attack is also believed to have originated in China.

In response China said today that allegations that it is involved in breaking into U.S. government computers are irresponsible.

During a regular news briefing Chinese Foreign Ministry spokesman Hong Lei said that Beijing hopes the U.S. would be “less suspicious and stop making any unverified allegations, but show more trust and participate more in cooperation.”

Because this is OPM’s second breach within a year many experts and elected officials have legitimate questions about security practices within the agency. U.S. Sen. Mark R. Warner (D-VA) said, “Today’s reported breach is part of a troubling pattern by this agency in failing to secure the personal data of federal employees, the second major breach in a year. Cyberattacks present a critical threat to our national security and our economy. We cannot afford to keep dragging our feet in addressing the escalating threats posed by hackers out to steal individuals’ personal information.”

This intrusion was discovered by an internal network monitoring systems. It is still unclear whether the attackers exploited any residual effects from the earlier attack. There is the potential that hackers have installed a back door in OPM’s computer systems allowing them to enter at will and take what they wish. A major concern because of this data breach is that America’s intelligence operatives may be exposed. A topic few in the government are speaking about.

OPM’s chief information officer told The Washington Post.“OPM has undertaken an aggressive effort to update our cyber security posture, adding numerous tools and capabilities to our networks. As a result of adding these tools, we were able to detect this intrusion into our networks.”

Because of the incident, OPM is sending notifications to approximately 4 million past and current federal employees whose PII may have been compromised.  OPM stated that the investigation is on-going and additional PII data loss could be discovered. OPM will conduct additional notifications as necessary. OPM is offering a package of identity protection services including credit report access, credit monitoring and identify theft insurance and recovery services to potentially affected individuals through CSID, a company that specializes in these services.

 

 

 

ALERT! Hospital Network Hacked ALERT!

CHS-logo

Community Health Systems, a for profit hospital network operating hospitals across the nation announced today that hackers recently broke into its computers and stole data on 4.5 million patients.

Hackers broke into the company’s network and gained access to patient names, Social Security numbers, physical addresses, birthdays and telephone numbers.

Patients who received treatment from any of the company’s hospitals or were referred to the hospital by their doctor in the last five years is affected by this breach.

Data breaches of this size leave the former and current patients at risk of identity fraud. With the stolen data criminals can open bank accounts and credit cards or take out loans in the victims name and potentially destroy the victims personal credit history.

Community Health  Systems operates hospitals in 28 states with most of their facilities located in  Alabama, Florida, Mississippi, Oklahoma, Pennsylvania, Tennessee and Texas.

In response to the breach Community Health Systems (CYH) has enlisted the help of cybersecurity experts Mandiant to investigate the hack. Mandiant experts determined the hackers were in China and used highly sophisticated malware to launch the attacks in April and June this year.

FBI representatives said that the agency is working closely with the hospital network and “committing significant resources and efforts to target, disrupt, dismantle and arrest the perpetrators.”

For more information please visit

Hospital network hacked, 4.5 million records stolen

Community Health says data stolen in cyber attack from China

Community Health Systems Data Breach Affects 4.5M Patients