Charles Schwab data breach exposed client investment data

The company downplayed the possibility that the information was viewed by another person.

Charles Schwab informed some of its customers on May 4 that the company had noticed unusual login activity on their account, possibly due to an unauthorized person having obtained their account username and password.

In a letter posted on the California Attorney General Office website, the company said the unusual activity began on or after March 25 and that the account sign-on credentials were likely taken from a non-Schwab source and then successfully used to access the customer’s account, possibly exposing the client’s names, account numbers, stock positions and transaction history.

Schwab Director of Public Relations Sarah Bulgatz told SCMagazine in an email would not say exactly how many people were affected, just saying the number is small and that the company reacted quickly to the problem.

“We proactively detected the incident and quickly blocked access to the relatively small number of affected clients’ accounts to protect them,” Bulgatz said. “Bottom line, the attack doesn’t represent any vulnerability in Schwab’s systems or technologies, and appears to be something experienced  by other financial services firms as well.”

Not details regarding the site used to obtain the client credentials is available, Bulgatz said.

The also company downplayed the possibility that any client information was viewed by another person.

“This is because the person(s) involved likely used an automated program to test large numbers of login credentials against many different accounts, both at Schwab and likely at other financial institutions,” the Schwab letter stated.

Article source: http://www.scmagazine.com/charles-schwab-data-breach-exposed-client-investment-data/article/494479/

,

No Comments

Revealed: Over 42000 Irish e-mails accounts exposed in massive data breach

The accounts are part of an enormous hack that includes the credentials of 272.3 million email accounts across the world.

The breach was uncovered by US information security firm Hold Security, which said it has returned the credentials to its rightful owners.

Hold Security chief information security officer Alex Holden said there may be more than just the 42,000 “.ie” e-mails from Ireland.

“There are over 42,000 credentials from the .ie domain in the recovered data. However, please keep in mind that some of the users of popular email services (i.e. Gmail, Yahoo) may not be easy to identify by country,” Mr Holden told independent.ie.

The company said a large chunk of the accounts came from Russian e-mails but that there were also Google, Yahoo, and Microsoft accounts included.

When asked whether or not Irish accounts had been compromised Google said it is “still investigating” and had no further comment to add.

The credentials were recovered from what Holden said was a “kid from a small town in Russia”.

Credentials are acquired by hackers and are then bought and sold. However it is understood that logins don’t hold a lot of monetary value with many hackers preferring online kudos in its place.

The hacker asked Hold Security for just 50 roubles or the equivalent of a dollar for the entire set of data. However, the hacker released the information after the firm left positive feedback in hacker forums.

Online Editors

Article source: http://www.independent.ie/business/irish/revealed-over-42000-irish-emails-accounts-exposed-in-massive-data-breach-34690465.html

,

No Comments

Gmail, Hotmail and Yahoo Mail breach potentially linked to PwnedList hack

THE MAJOR BREACH that this week hit Gmail, Hotmail and Yahoo Mail could be linked to the recent attack on PwnedList, according to a security expert.

Nadav Avital, application security researcher at Imperva, has said that given the scale of this week’s breach, which saw 272 million webmail log-ins stolen and traded in Russia, it could be related to the recent hack on the PwnedList website which exposed 866 million credentials.

“It is unclear how the hacker obtained so many credentials, particularly as no vendor has verified a breach, however it is possible that this case is related to the recent publication of the PwnedList breach,” Avital said.

“If the hacker was able to get access to PwnedList data, a service which aggregates stolen credentials, then he would have access to numerous accounts from multiple vendors.”

There are still lots of questions, though, especially given that 42.5 million of the pilfered credentials have never been leaked before.

Google and Yahoo have both admitted that they are still ‘investigating’ the breach.

In a statement given to the BBC, a Google spokesperson didn’t really have much to say but noted that the firm is looking into it.

“We are still investigating, so we don’t have a comment at this time,” the spokesperson said.

Yahoo is also keeping a keen eye on things. “We’ve seen the reports and our team is reaching out to Hold Security to obtain the list of accounts now,” a spokesperson for the company said. “We’ll update going forward.”

Microsoft said on Wednesday that its webmail security will be able to detect if a users’ account has been compromised and that it would help those affected to regain sole access to their Hotmail accounts.

News of this major data breach first came via Reuters. It heard via Alex Holden, founder and chief information security officer of Hold Security – and the man who last year uncovered the largest data breach to date, that ‘hundreds of millions’ of usernames and passwords belonging to Gmail, Hotmail and Yahoo Mail users are being traded in Russia’s criminal underworld.

Russia’s own Mail.ru email service accounts for the majority of hacked accounts at 57 million, but a large number also belong to Gmail, Hotmail and Yahoo Mail users.

Yahoo Mail credentials totaled 40 million, or 15 per cent of the haul, Hotmail accounted for 33 million, or 12 per cent, while 24 million, or nine per cent, belonged to Gmail account holder.  

It wasn’t just email accounts that were targeted, according to the report, with Holden also discovering thousands of other stolen username and password combinations that appear to belong to employees of some of the largest US banking, manufacturing and retail companies.

Holden stumbled on the discovery after he saw a young Russian hacker – since nicknamed “The Collector” – bragging about the information haul in an online forum. He was asking for just 50 rubles – less than $1 – for the lot, but Holden was given the information for free after he said he’d big up the hacker online. 

“This information is potent,” Holden said. “It is floating around in the underground and this person has shown he’s willing to give the data away to people who are nice to him. These credentials can be abused multiple times.”

Mail.ru spokeswoman Madina Tayupova told Reuters: “We are now checking whether any combinations of usernames/passwords match users’ emails and are still active.

“As soon as we have enough information we will warn the users who might have been affected,” she said, adding that Mail.ru’s initial checks found no live combinations of usernames and passwords that match existing emails.”

We’ll update this article when we hear more. µ

To hear more about security challenges, the threats they pose and how to combat them, sign up for The INQUIRER sister site Computing‘s Enterprise Security and Risk Management conference, taking place on 24 November.

<!–

Article source: http://www.theinquirer.net/inquirer/news/2456948/huge-data-breach-sees-millions-of-gmail-hotmail-and-yahoo-mail-account-details-stolen

,

No Comments

Saint Agnes Medical Center victim of data breach

Saint Agnes Medical Center said it was the victim of an email phishing attack on May 2 that affected 2,800 employees.

The scammers obtained information from the W-2s of all individuals employed by the hospital during the 2015 calendar year, spokeswoman Kelley Sanchez said. The hospital’s systems weren’t compromised and all patient information remains secure.

The hospital responded to the phishing attack by informing the FBI and offering a free one-year membership to Experian’s ProtectMyID Elite for affected employees, Sanchez said. The service monitors all three credit-monitoring bureaus, providing up to $1 million in reimbursement for fraudulent charges and provides identity restoration services should a member be victimized by identity theft or fraud.

Saint Agnes President and CEO Nancy Hollingsworth said in a statement that phishing attacks like the one that targeted the hospital are on the rise nationwide and could pose a threat to everyone.

“It’s more important than ever for individuals and businesses – to seek out information and education about the issue of security so we can protect ourselves from becoming victims. We deeply regret that our colleagues have been affected by this unfortunate incident, but hope that sharing our story will help to bring greater awareness to our community.”

Article source: http://www.fresnobee.com/news/local/crime/article76002977.html

,

No Comments

Tipster details financial mess for some employees after Landstar data breach

by: Letisha Bereola, Action News Jax
Updated: May 5, 2016 – 11:37 PM

Landstar
Landstar

An anonymous tipster sent a letter to the Action News Jax newsroom detailing the alleged financial mess some employees are going through after a major security breach at Jacksonville-based Landstar.

A Landstar spokesperson confirmed in late April the company was the victim of an email phishing attack and W-2 information for all employees got into the wrong hands.

Now, the tipster claims, “new credit cards have been opened for employees and their spouses, bank accounts have been accessed … employees are paying out of pocket to freeze credit.”


Trending on ActionNewsJax.com:

More popular and trending stories


A computer security consultant, Brian Cox, said scammers are targeting corporations now more than ever.

“Especially around tax time or if they know it’s the end of the fiscal year for the company they’ll start soliciting for information,” Cox said.

We asked Landstar for a comment, but haven’t heard back yet.

Cox said if you plan on sending sensitive information online, use a secure portal. 

Article source: http://www.actionnewsjax.com/news/local/tipster-details-financial-mess-for-some-employees-after-landstar-data-breach/263904212

,

No Comments

Huge Email Data Breach Means Your Passwords Aren’t Safe

Emails have been hacked and your passwords aren’t safe. And while a data breach seems to happen every month or so, this one is for real. Seriously, this particular hack is going to take down all your accounts, and your important information is going to be in the hands of Russian mobsters by the end of the afternoon.

Now that tensions have been relieved with a comedic tone, this data breach is actually pretty serious. As Reuters reported earlier this morning, it is one of the largest breaches since US banks and retailers dropped the online security ball two years ago. A hacker in Russia stole over 272 million email accounts. Google, Yahoo and Hotmail were among those hacked in addition to Mail.ru, Russia’s most popular emailing service.

Alex Holden, founder and chief information security officer of Hold Security, was the information source for the data breach. He stated that the discovery came after Hold Security employees found a young Russian hacker bragging in an online forum that he had stolen the IDs and passwords of billions of email users around the world. After ruling out duplicates and inactive accounts, it was decided that approximately 272 million users were at risk.

“This information is potent. It is floating around in the underground and this person has shown he’s willing to give the data away to people who are nice to him,” said Holden, the former chief security officer at R.W. Baird. “These credentials can be abused multiple times.”

The strangest thing about this breach, as Holden mentioned, is the immaturity of the hacker in question. Not only is he deemed a “young Russian hacker,” but he was also asking for 50 roubles for every single account. That is less than a single dollar. Even stranger, the young Russian hacker ended up lowering his price from “50 roubles” to “favorable comments from Hold Security on reputable hacker forums.” Yes, this hacker traded his bounty for a better reputation. And you would think a nod from Reuters would be enough for him.

Fortunately, most of these accounts can be secured by changing passwords. The damage should be minimal and nothing more than a few identity thieves will come away with anything more than a few bucks. Mail.ru, the biggest loser in this situation, is even keeping their cool under pressure.

“We are now checking, whether any combinations of usernames/passwords match users’ e-mails and are still active,” said a representative to Reuters.

Article source: https://tech.co/huge-data-breach-2016-05

,

No Comments

Data Breaches Rise While Companies Struggle With Detection

  • Blockchain: Not Just For Financial Services

    Blockchain technology has a number of applications beyond serving as a ledger for the cryptocurrency bitcoin. Organizations across a range of industries are examining how blockchain technology could reduce friction in transactions and eliminate reliance on third-party intermediaries to establish trust between parties.

  • Article source: http://blogs.wsj.com/cio/2016/05/05/data-breaches-rise-while-companies-struggle-to-detect-them/

    ,

    No Comments

    CDOT data breach may lead to identity theft, investigation ongoing

    Traffic moves along on newly paved parts of highway U.S. 36 west of Lyons, Colo., on Sept. 8, 2014.

    State investigators are looking into a database breach at the Colorado Department of Transportation which could lead to identity thefts.

    The breach of the Disadvantaged Business Enterprise program with CDOT was discovered recently and has been reported to the Colorado Bureau of Investigation, said Amy Ford, a CDOT spokeswoman.

    Personal information on program members has been compromised and could lead to a “risk of identity theft,” Ford said.

    Members of the federally mandated program, through the U.S. Department of Transportation (USDOT), have been notified of the breach.

    “A probationary employee, who worked at CDOT from January 2016 to April 2016 and had access to confidential tax returns of DBE…firms, had been using personal information for improper purposes,” the notification letter, sent Wednesday, said.

    The employee, who passed a background check and had no previous criminal record, is no longer with CDOT. An investigation by both the CBI and CDOT is ongoing. The employee was not identified Thursday.

    “It appears that family members of firm owners were targeted, so we encourage you to be aware of a potential misuse of the information of your dependents,” the letter warned.

    The letter urged anyone who suspects they’ve been compromised to contact the CBI.

    The data base contains several hundred businesses. Ford said CDOT is looking at internal processes and procedures to minimize the chance of future like incidents.

    Kieran Nicholson: 303-954-1822, [email protected] or @kierannicholson

    Article source: http://www.denverpost.com/news/ci_29856130/cdot-data-breach-may-lead-identity-theft-investigation

    ,

    No Comments

    Data Breaches Rise While Companies Struggle to Detect Them

  • Blockchain: Not Just For Financial Services

    Blockchain technology has a number of applications beyond serving as a ledger for the cryptocurrency bitcoin. Organizations across a range of industries are examining how blockchain technology could reduce friction in transactions and eliminate reliance on third-party intermediaries to establish trust between parties.

  • Article source: http://blogs.wsj.com/cio/2016/05/05/data-breaches-rise-while-companies-struggle-to-detect-them/

    ,

    No Comments

    Robbery at CA Practice Causes Possible Healthcare Data Breach

    A California-based chiropractic office has notified 600 patients of a potential healthcare data breach after the practice was burgled in early March, reported EastBayTimes.com.

    A stolen laptop and hard drive resulted in a healthcare data breach in CA

    In an official statement, Vibrant Body Wellness explained that a laptop and backup hard drive were stolen after a break-in occurred sometime between March 5 and March 8.

    The chiropractic practice confirmed that the laptop was password-protected and patient information on the hard drive was encrypted. Despite the security measures, the practice stated that patient information may still be at risk, including names, addresses, dates of birth, contact information, diagnoses, and billing information.

    Upon discovery of the healthcare data security incident, Vibrant Body Wellness reported the robbery to local law enforcement officials.

    Affected individuals have been notified of the possible healthcare data breach and the practice has encouraged affected patients to place a fraud alert on their credit accounts, explained the statement. The practice confirmed that there has been no reported events of health information being improperly accessed or used.

    “We understand that this may pose an inconvenience to you. We sincerely apologize and regret that this situation has occurred,” wrote the owner of the practice, Teresa Lau, DC, in a letter to affected patients. “Vibrant Body Wellness is committed to providing quality care, including protecting your personal information, and we want to assure you that we have policies and procedures to protect your privacy.”

    Healthcare business associate reports potential healthcare data breach

    EqualizeRCM Systems, a billing and collection services vendor, reported a healthcare data security incident after a laptop containing patient information was stolen, according to a company statement.

    On February 29, EqualizeRCM Systems learned that a laptop was stolen from one of its employees on either February 25 or February 26.

    Upon investigation, the healthcare vendor discovered that the laptop contained personal information for patients at specific facilities.

    The documents on the stolen device may have included names, addresses, phone numbers, dates of birth, insurance information, genders, healthcare provider information, billing and diagnosis codes, medical record numbers, internal reference numbers, dates and types of service, locations of services received, and other administrative data.

    The vendor reported that financial information and Social Security numbers were not affected.

    EqualizeRCM Systems did not report how many individuals were affected by the potential healthcare data breach. However, a letter to the New Hampshire Department of Justice confirmed that two individuals from the state were affected.

    While the vendor has not received any indication that patient information has been inappropriately accessed, it has offered affected individuals complimentary identity theft monitoring and remediation services.

    The company has also mailed notification letters to affected individuals, reported the statement.

    To prevent future healthcare data security incidents, EqualizeRCM Systems stated that it has developed and implemented additional security measures.

    “The privacy and protection of patient information is a top priority for EqualizeRCM, and we deeply regret any inconvenience or concern this incident may cause,” explained the statement. “We are working closely with the affected facilities in our response to this event, and have taken steps to help prevent this type of incident from happening in the future including reviewing our policies and procedures, implementing additional safeguards to ensure information in our control is appropriately protected, and retraining employees on existing policies for the proper handling of sensitive information.”

    Possible PHI breach after employees photograph lab results

    A possible healthcare date breach occurred at BioReference Laboratories in New Jersey after photographs containing PHI were sent in an unsecured email.

    In a HIPAA Incident notification on its website, BioReference Laboratories reported that some of its phlebotomists in Florida took pictures of lab test results using their smartphones. The employees then sent the photographs via unsecured email to the laboratories.

    The pictures were also stored on the phones without proper safeguards.

    Patient information, including names, dates of birth, addresses, admission and discharge dates, medical record numbers, Social Security numbers, insurance information, diagnosis codes, and descriptions of lab tests, may be at risk of being improperly accessed, stated the company.

    However, the healthcare company confirmed that the photographs did not contain passwords, security codes, or financial information.

    Additionally, BioReference Laboratories stated that this type of healthcare data security incident may have occurred on multiple occasions between January 2013 and February 2016.

    The official statement did not indicate how many individuals may have been impacted by the most recent event.

    However, the OCR data breach reporting tool states that 3,563 individuals were potentially affected.

    In response, BioReference Laboratories has launched an internal investigation and updated its healthcare data security measures and internal safeguards.

    Officials at the laboratory have also contacted affected individuals about the possible healthcare data breach, offered free credit monitoring services for those affected, and established an incident hotline.

    Article source: http://healthitsecurity.com/news/robbery-at-ca-practice-causes-possible-healthcare-data-breach

    ,

    No Comments