Thursday, November 12, 2009

$9 Million ATM heist

Hackers from Eastern Europe were indicted for allegedly breaking into the computer network of RBS WorldPay, an Atlanta-based credit card processing subsidiary of the Royal Bank of Scotland (RBS), and withdrawing $9.4 million within 12 hours from 2,100 ATMs in 280 cities around the world.

According to the indictment, a pair of hackers identified vulnerabilities that let them break into RBS WorldPay’s system. The company manages payroll operations for dozens of banks and companies across the United States, and specializes in prepaid payroll cards -- a type of debit card that employers use to pay employees. Once into the system, the hackers stole card numbers and PIN codes. Using a method they devised to reverse-engineer the encrypted PINs, the hackers created 44 prepaid payroll cards with inflated limits and usable PIN codes.

The cards were distributed to a network of "cashers." On Nov. 8, 2008, the cashers started withdrawing money from ATMs in the United States, Canada, Russia, Estonia, Italy, Hong Kong, Japan and Ukraine. The cashers were paid with 30% to 50% of the proceeds.

RBS WorldPay later announced that financial account information of 1.5 million customers and the social security numbers of 1.1 million individuals may have been accessed by the ring.

See, “Four hackers indicted in $9.4 million ATM heist,” Christian Science Monitor, November 10, 2009; “ATM hacking ring garnered millions,” Globe and Mail, November 11, 2009; B. Sterling, “The bank-card hackers and their army of cashers,” Wired, November 10, 2009; "RBS credit card fraud gang 'stole $9m in 12 hours'," Telegraph, November 11, 2009.

Friday, October 16, 2009

Sidekick falls through the Cloud

In what is being described as the largest failing of "cloud computing" to date, about 1 million US owners of the T-Mobile Sidekick lost data stored on their mobile phones due to a back-up failure. A Microsoft subsidiary, Danger, operates the Sidekick data service.

T-Mobile and Microsoft announced that customers whose data could not be recovered will receive a $100 gift card in addition to one month data service credit. T-Mobile also temporarily halted sales of the Sidekick.

Microsoft later announced that all data will be restored, beginning with personal contacts. According to the company, the outage was caused by a system failure that created data loss in the core database and the backup. Microsoft says it has installed a "more resilient back-up process" to safeguard against a repeat incident.

See, "Phone sales hit by Sidekick loss," BBC News, October 12, 2009; "T-Mobile to Update Sidekick Users on Data Loss," San Francisco Chronicle, October 12, 2009; "T-Mobile, Microsoft Promise $100 Gift Card For Lost Data," Information Week, October 13, 2009; "Microsoft recovers Sidekick data," BBC News, October 15, 2009; "Danger Debacle Highlights Microsoft's Dilemma With Mobile," Wall St. Journal, October 15, 2009.

Wednesday, August 26, 2009

Model Outs Blogger

In an online defamation case, a Manhattan supreme court judge allowed Vogue cover girl Liskula Cohen to compel Google to identify an anonymous blogger who called her a “psychotic, lying, whoring ... skank." The judge rejected the blogger’s claim that the blogs “serve as a modern-day forum for conveying personal opinions, including invective and ranting,” and should not be treated as factual assertions.

Rosemary Port, who was then outed, sued Google -- which operates the blog, "Skanks in NYC" -- for failing to protect her right to privacy.

“Vogue model Liskula Cohen wins right to unmask offensive blogger,” Times, August 19, 2009; “Google lawsuit dispels the Web’s oldest tradition: anonymity,” Christian Science Monitor, August 20, 2009; “Unmasked Google blogger to sue over privacy breach,” Times, August 24, 2009; “Model Liskula Cohen still not getting apology from blogger Rosemary Port,” New York Daily News, August 26, 2009; “Stung by the Perfect Sting,” New York Times, August 25, 2009.

Monday, August 17, 2009

Charges brought in largest hacking and identity theft case

Three men were indicted on federal charges in the largest computer hacking and identity theft case ever charged in the U.S. The defendants allegedly hacked into computer networks of major U.S. retail and financial organizations -- using a standard (and preventable) SQL injection attack that exploits a database when user input is not properly filtered -- and stole data related to more than 130 million credit and debit cards.

Albert Gonzalez, of Miami, along with two unnamed Russians, stands accused of hacking into Heartland Payment Systems, 7-Eleven, and Hannaford Bros. The stolen data was sent to computer servers that Gonzalez and his co-conspirators operated in California, Illinois, Latvia, the Netherlands, and Ukraine.

The hackers were also allegedly involved in the cracking of a Citibank-branded ATM network located in 7-Eleven stores. The group penetrated a network linking 2,200 ATMs (by breaching a back-end system that had been outsourced by 7-Eleven) and stole card and PIN codes, using them to steal about $2 million in cash from Citibank ATMs. They also compromised prepaid iWire cards and withdrew about $5 million, which was sent to Russia.

Gonzalez is currently awaiting trial on charges that he and others allegedly also stole more than 40 million credit-card numbers from TJX and others, costing TJX $200 million.

According to the Justice Department, Gonzalez had been arrested in 2003, but not charged because he agreed to become an informant for the Secret Service.

See, "Three Indicted in Major Hacking Case," Wall St. Journal, August 17, 2009; "U.S. Indicts 3 in Theft of 130 Million Bank Cards," New York Times, August 17, 2009; "Arrest in Epic Cyber Swindle," Wall St. Journal, August 18, 2009; "Hacker Indictments Highlight Application Security," InformationWeek, August 18, 2009; "Cyber-thieves linked to Citibank ATM breach," Financial Times, August 24, 2009.

Saturday, August 1, 2009

Most damaging hacker to be extradited to the US

A UK court has approved the extradition to the US of Gary McKinnon, who admits hacking into 97 computers belonging to the US Defence Department, Navy, Army, Air Force and after September 11, 2001. McKinnon is claimed to be the most prolific and damaging computer hacker in US military history. One message he allegedly left on a Pentagon computer stated, “U.S. foreign policy is akin to government-sponsored terrorism. I will continue to disrupt at the highest possible level.”

McKinnon and his family say his actions were influenced by Asperger’s syndrome, a form of autism. McKinnon, admitting the charges, says that rather than harming the United States, his goal was to expose evidence that "secretive parts of the American government intelligence agencies did have access to crashed extra terrestrial technology which could… save us as a form of free, clean, pollution-free energy." But prosecutors seeking his extradition have said that his actions were not benign and that the diagnosis was made long after the computer hacking occurred and the case against him was under way.

See, "Hacker’s Extradition to U.S. More Likely," New York Times, July 31, 2009; "Autistic Genius Hacked Military Computers in Search of Alien Eco Tech," CBS News, July 31, 2009; "New legal blow for hacker fighting extradition to US," Independent, August 1, 2009.

Friday, July 17, 2009

Stolen Goldman Sachs code could be used to manipulate markets unfairly

A former Goldman Sachs computer programmer, Sergey Aleynikov, was arrested and charged with stealing computer code related to the firm's high-speed stock and commodities trading platform. Federal prosecutors allege Aleynikov downloaded the code and then uploaded it to a computer server in Germany. Aleynikov claims he "only intended to collect 'open source' files on which he had worked, but later realized that he had obtained more files than he intended."

Aleynikov was part of a team responsible for developing and improving Goldman Sachs's trading platform. He was required to sign a confidentiality agreement when first employed there. He resigned from the firm to work for a new company that also planned to engage in high-volume automated trading.

Assistant U.S. Attorney Joseph Facciponti told a federal magistrate judge at a bail hearing that Goldman Sachs "has raised the possibility that there is a danger that somebody who knew how to use this program could use it to manipulate markets in unfair ways."

See, "Ex-Goldman Employee Charged With Code Theft," Wall St. Journal, July 6, 2009; "Goldman Sachs Loses Grip on Its Doomsday Machine," Bloomberg, July 9, 2009; "Steal this code," New York Times, July 16, 2009.

Quadrillion dollar glitches hit Visa debit card users

A New Hampshire man using his Visa debit card at a gas station to buy a pack of cigarettes found that his account was charged $23,148,855,308,184,500 for the transaction. Bank of America also added a $15 overdraft charge.

A North Texas man was charged the same when he charged a slice of pizza and a Coke to his Visa card.

Visa Debit Processing Services acknowledged that a programming error impacted about 13,000 transactions.

See, "US shopper charged $23 quadrillion for cigarettes," Guardian, July 16, 2009; "The $23 Quadrillion Pack Of Cigarettes," DigitalTrends, July 16, 2009; "Pizza And Soda? That'll Be $23 Quadrillion, Please," NPR, July 15, 2009.

Thursday, July 16, 2009

Hacker rips through Twitter and its business plans

A hacker broke into the email account of a Twitter administrative employee and gained access to the employee’s Google Apps account, where the company shares spreadsheets and documents. The hacker then sent documents about company plans and finances, confidential contracts, and job applicants to two tech news blogs. The disclosed information included personal information about Twitter employees, including credit card numbers. The hacker also broke into the e-mail account of the wife of Twitter’s chief executive and from there accessed several of his personal Internet accounts, including those at Amazon and PayPal.

One of the blogs disclosed that the documents show that Twitter projects that it will reach a billion users and $1.54 billion in revenue by 2013. The documents also show information about potential business models, the competitive threat from Facebook, and when the company might be acquired.

The hacker managed to launch the attacks by correctly answering personal questions that Gmail asks users in order to reset their password. The hacker claims to want to teach people to be more careful.

While Twitter users were not affected, some became victims of a separate attack that tried to get them to pay $49.95 for fake anti-virus software.

See, "Twitter Hack Raises Flags on Security," New York Times, July 15, 2009; "Twitter hacked; confidential documents stolen," San Jose Mercury News, July 15, 2009.

Wednesday, July 8, 2009

Hackers knock South Korean banks and government sites offline

Hackers using a Distributed Denial of Service attack disabled the Web sites in South Korea of several major government agencies and financial institutions, including the office of South Korea’s president, the National Assembly, the defence and foreign ministries, two banks, and the US-South Korea combined forces military command. North Korea is suspected of launching the cyberattack.

See, "North Korea 'launches massive cyber attack on Seoul'," Times, July 8, 2009; "South Korea: Authorities Issue Cybersecurity Warning," New York Times, July 8, 2009.

Sunday, July 5, 2009

Britain's chief spy exposed on Facebook

The wife of Sir John Sawers, the new head of MI6 (the British Secret Intelligence Service), posted on Facebook details of their London apartment, the whereabouts of their three children and of Sir John’s parents, and family photos. She used no privacy protection on the account, making the postings available to Facebook’s 200 million users.

The incident led to warnings to diplomats and civil servants about the dangers of putting details of their family and career on social networking websites.

See, "Farce of the Facebook spy: MI6 chief faces probe after wife exposes their life on Net," Daily Mail, July 6, 2009; "Wife of Sir John Sawers, the future head of MI6, in Facebook security alert," Times, July 6, 2009.

Saturday, June 13, 2009

Phone hacks financed terrorism

Authorities in the US and Italy arrested a group of hackers and others who allegedly stole phone service (about 12 million minutes, valued at $55 million), resold it via call centers and phone cards, and used the profit to fund terrorist activities.

Three suspects living in the Philippines allegedly provided Pakistani nationals living in Italy with access to stolen phone lines. According to Philippines authorities, one of the suspects has ties to al Qaeda.

The hackers received about $100 a hack, in payments made by the Madina Trading Co., which provided wire transfers via U.S.-based money-transfer services. The company, owned by one of the call center operators, also paid for the Internet-based phone accounts used by the 11-26 Mumbai attackers to make calls to their handlers.

See, "Alleged Hacking-Terror Effort Thwarted," Wall St. Journal, June 13, 2009.

Wednesday, June 3, 2009

US accidentally posts nuclear secrets

The US federal government mistakenly posted on the Internet a 266-page report -- with pages marked “highly confidential” -- setting out details on hundreds of the nation’s civilian nuclear sites and programs, including maps showing the precise locations of stockpiles of fuel for nuclear weapons.

After inquiries from The New York Times, the document was withdrawn from the Government Printing Office Web site.

See, "U.S. Releases Secret List of Nuclear Sites Accidentally," New York Times, June 2, 2009.

Monday, May 11, 2009

$10 million ransom demand for Virginia patient data

A hacker claims to have broken into a Virginia state website -- the Virginia Prescription Monitoring Program (PMP) used by pharmacists to track prescription drug abuse -- deleted records of more than 8 million patients, and has offered to replace the data for $10 million. The hacker posted a ransom note on the PMP website:

"I have your [expletive] In *my* possession, right now, are 8,257,378 patient records and a total of 35,548,087 prescriptions. Also, I made an encrypted backup and deleted the original. Unfortunately for Virginia, their backups seem to have gone missing, too. Uhoh :( For $10 million, I will gladly send along the password."

The Virginia Department of Health Professionals, which operates the site, admits that it has yet to receive computer security upgrades ordered five years ago, in 2004, by then-Governor Mark Warner. The agency said that because of its small size, it was among the last on the list to receive the security upgrades.

"Official: Hacked agency missing security upgrade," Washington Examiner, May 10, 2009; "Hackers Break Into Virginia Health Professions Database, Demand Ransom," Washington Post, May 4, 2009; "Hacker demands $10M ransom from Virginia," UPI, May 8, 2009.

Tuesday, May 5, 2009

Court rules on knowing standard in identity theft cases

The U.S. Supreme Court ruled that persons who use fake identification numbers to commit other crimes must know they belong to a real person to be subject to a two-year sentence extension for “aggravated identity theft.” The ruling came in a federal identity theft case concerning illegal immigrants who used false social security numbers to obtain employment.

See, "Justices Limit Use of Identity Theft Law in Immigration Cases," New York Times, May 4, 2009; "Supreme Court limits identity theft law," Los Angeles Times, May 5, 2009.

Tuesday, April 28, 2009

Drug war agent loses secrets on the bus

The British Serious Organized Crime Agency (heralded as Britain's FBI) confirmed that, in 2006, one of its agents lost a computer memory stick containing a list of undercover agents, informants, and details of more than five years of intelligence work. The memory stick was lost when the agent, who traveled to Colombia to work with British intelligence agencies on anti-drug trade operations, left her handbag on a transit bus at the Bogotá airport. Fearing the information could fall into the wrong hands, intelligence agencies halted operations and relocated dozens of agents and informants. The cost of the aborted operations was £100m.

See, "Bumbling agent lost ‘crown jewels’ of drugs war," Sunday Times, April 26, 2009; "MI6 agent leaves secret details of the war against drugs on bus," Mirror, April 27, 2009.

Wednesday, April 22, 2009

Hackers strike Pentagon's $300 billion F-35 fighter project

Computer intruders hacked into the Pentagon's $300 billion F-35 Lightning II (Joint Strike Fighter) project. In attacks apparently originating from China, the hackers downloaded huge amounts of data -- but not the most sensitive material, which is stored offline.

See, Wall St. Journal, April 21, 2009; see also, "Fighter Jet Hack Far From First Government Breach," PC World, April 21, 2009.

Thursday, April 16, 2009

YouTube prank video damages Domino's reputation

Two employees of a Domino's Pizza franchise created a video at work purporting to show the preparation of unsanitary food for customer delivery. Released onto the Internet, the video was seen by more than a million YouTube viewers. Customers were disgusted and the prank resulted in a public relations crisis for Domino's. The employees were fired and also arrested on felony charges for distribution of prohibited food.

See, "Video Prank at Domino’s Taints Brand," New York Times, April 16, 2009.

Friday, April 10, 2009

Britain's top counterterrorism cop resigns after security blunder

Britain's top counterterrorism police officer resigned after being photographed on his way to a government briefing carrying a "secret" document showing details of a major anti-terrorist operation, titled “Briefing Note: Operation PATHWAY.” Although the U.K. government banned the publication of the photo on grounds of national security, it found its way onto the Internet, and the operation, designed to prevent an al-Qaida plot to bomb Britain, was moved up to take place many hours earlier than planned.

See, "Britain’s Antiterror Officer Resigns," New York Times, April 10, 2009; "Police chief Bob Quick steps down over terror blunder," Guardian, April 9, 2009.

Wednesday, April 8, 2009

U.S. Electricity Grid Hacked by Spies

U.S. intelligence agencies have detected cyber intruders from Russia and China who have penetrated the U.S. electricity grid. The intruders appear to be on a mission to map the grid and its controls. They left behind software tools that could be used to disrupt service or destroy infrastructure components.

See, "Spies compromised US electric grid," Associated Press, April 8, 2009; "Electricity Grid in U.S. Penetrated By Spies," Wall St. Journal, April 8, 2009.

Saturday, April 4, 2009

Sponsored link trademark violation claim proceeds

A U.S. Court of Appeals ruled that a trademark claim against Google by Rescuecom, a computer services company, can proceed on the grounds that Google's use of the company's name as a "keyword" to trigger third-party advertisements may confuse consumers.

See, "Google Faces Trademark Trial," Wall St. Journal, April 3, 2009; "Trademark Lawsuit Over Google Ads Can Proceed," New York Times, April 3, 2009.

Google orphan works settlement under fire

Critics are signalling that they will challenge the proposed settlement of a lawsuit against Google that they say will grant the company too much power over out-of-print books.

In 2005, publishers and authors sued Google because parts of copyrighted works were showing up in Google search results. The settlement allows Google, which has scanned more than 7 million books, to show U.S. readers up to 20 percent of most books, and to sell access to the entire collection to universities and other institutions. Public libraries will get free access to the full texts; individuals will be able to buy online access. Proceeds will be shared by Google, publishers, and authors.

Settlement proponents say the agreement greatly benefits the public by providing access to hard-to-find works. Opponents complain that the agreement hands Google a virtual monopoly over "orphan works," i.e., out-of-print works whose authors or other rights holders cannot be identified or located.

See, "Google’s Plan for Out-of-Print Books Is Challenged," New York Times, April 3, 2009; "Google's Book Settlement Is a Ripoff for Authors," Wall St. Journal, March 28, 2009.

Saturday, March 28, 2009

Vast Chinese computer espionage network uncovered

Canadian researchers have detected a massive computer espionage network controlled from China that focuses on countries in south and south-east Asia, as well as the Dalai Lama's offices.

The researchers, who dub the network "Ghostnet," tracked it into almost 1300 computers in 130 countries. They uncovered the network after being asked by officials with the Dalai Lama to examine their network.

The researchers discovered that not only can Ghostnet allow files, including email, to be inspected and stolen, but that it can turn on computer cameras and microphones in order to monitor the room in which the computer sits.

See, "Vast Spy System Loots Computers in 103 Countries," New York Times, March 28, 2009; "Massive Chinese computer espionage network uncovered," The Observer, March 29, 2009.

Saturday, January 31, 2009

Disgruntled contractor indicted for Fannie Mae software bomb

An Indian contract computer engineer who worked for Fannie Mae has been indicted by a federal grand jury for installing a software bomb designed to destroy all the data in Fannie Mae's computer system. The contractor, Rajendrasinh Babubhai Makwana, had been fired by Fannie Mae.

According to the indictment, on the day the contractor was fired, the malicious code was placed at the end of a routine computer program scheduled to run each morning. Set to execute on Jan. 31, 2009, the code was programmed to attack all 4,000 of the company's servers and would have wiped out all the data on them. It was discovered by chance five days later.

See, "U.S. Probes Plot to Destroy Fannie Mae Data," Wall St. Journal, January 31, 2009.

Hackers knock Kyrgyzstan offline

Russian hackers knocked Kyrgyzstan offline with a massive, sustained denial of service attack focused on the country's two main Internet service providers.

See, "Kyrgyzstan Knocked Offline," Wall St. Journal, January 28, 2009; "Kyrgyzstan goes offline following Russian hacker attack," The Industry Standard, January 29, 2009.

Wednesday, January 28, 2009

Largest UK data theft at

Hackers stole personal data belonging to the 4.5 million job seekers registered with, an online recruitment website. The stolen data includes passwords, telephone numbers, e-mail addresses, birth dates, sex and ethnicity data, and other demographic information. The incident is reportedly the largest data theft in Britain. It is also the second time in six months that Monster's customer database has been hacked.

See, "Hackers steal details of 4.5 million in attack on Monster jobs site," TimesOnline, January 27, 2009; "Hackers hit's customer data again," USA Today, January 27, 2009.

Tuesday, January 20, 2009

600 million credit card data security breach

Heartland Payment Systems, a payment transaction processor for more than 250,000 U.S. businesses, announced what may be the largest data security breach to date. Criminals reportedly installed sniffer software on the computer network and gained access to customer records associated with the 100 million card transactions that the company handles each month. The malicious software captured the credit card data at the point that it was unencrypted to enable Heartland to seek authorization from the major payment companies and banks. The compromised data includes credit card magnetic strip data, which can be used to duplicate (clone) credit cards.

Personal data of up to 600 million cardholders were potentially exposed, but Heartland, which is working with the Secret Service, cannot yet say how many records were accessed. Credit card companies contacted Heartland about a pattern of fraudulent transactions on accounts the processor handled sometime last fall, but an initial internal investigation and audit failed to detect a security breach. A forensic investigator discovered the breach last week.

According to Forrester Research, data breaches of this type can cost $300 to $600 per account in fraudulent purchases, fees, and legal costs.

See, "Card Data Breached, Firm Says," Wall St. Journal, January 20, 2009; "Credit Card Processor Says Some Data Was Stolen," New York Times, January 20, 2009.

Friday, January 2, 2009

Leap year freezes digital music player

Microsoft's Zune digital music player froze on December 31, 2008. The problem was identified in the device's internal clock driver and how it handles a leap year, such as 2008. The problem affected only the 30-gigabyte model, of which 1.2 million have been sold.

See, "Leap Year Trips Zune In Black Eye For Microsoft," Wall St. Journal, January 1, 2009.