Privacy Roundup #0030 • January 2009
January 2009 was dominated by the record Heartland card breach, the Conficker worm sweeping through hospitals and navies, and a run of high-profile account and database compromises.
1. Heartland Payment Systems discloses the largest card breach to date
The payment processor admitted that sniffer malware planted on its network had captured cardholder names and numbers as they crossed its systems. The intrusion, which touched roughly 130 million accounts, was quickly judged the biggest card-data theft yet recorded.
2. Celebrity Twitter accounts hijacked to push bogus messages
Intruders seized the accounts of Barack Obama, Britney Spears, Fox News and dozens of other prominent users after Twitter's internal support tools were compromised. The hijacked feeds were used to send crude and damaging posts to large followings.
3. Twitter password-guessing weakness laid bare
Researchers revealed that a teenager had broken into a Twitter administrator account simply by hammering the login page with dictionary words until one stuck. The episode exposed Twitter's failure to throttle repeated guesses, a basic safeguard already common elsewhere.
4. Phishing scam spreads through Twitter direct messages
Users began receiving direct messages inviting them to view a blog about themselves, with the links leading to a counterfeit Twitter login page. The fake site harvested credentials that were then used to spread the lure further.
5. Conficker superworm seizes an estimated nine million PCs
Antivirus researchers reported that the Downadup worm had infected around nine million machines, with millions added in only a few days. The scale left analysts describing the outbreak as the worst in years.
6. Three in ten Windows PCs still unpatched against Conficker
Scanning data showed that nearly a third of Windows computers had not applied the October patch that closed the flaw Conficker exploited. The gap helped explain how rapidly the worm continued to spread.
7. Conficker cripples Sheffield hospital network
Hospitals across Sheffield struggled with a major worm outbreak after managers switched off Windows updates across all eight thousand machines. More than eight hundred computers were confirmed infected, forcing non-urgent imaging appointments to be cancelled.
8. Conficker autorun trick found to work on Windows 7
Researchers discovered that the worm's deceptive autorun prompt, which makes running malware look like opening a folder, also fooled early Windows 7 builds. The finding gave Microsoft a chance to change AutoPlay behaviour before the final release.
9. British Ministry of Defence networks still malware-plagued
Two weeks into an outbreak, the Ministry of Defence admitted that some administrative systems remained unavailable across naval and air force sites. Officials maintained that operational and classified networks had not been affected.
10. Heartland breach tied to a wider criminal operation
Heartland's president said law enforcement had linked the intrusion to a broader cyber-fraud campaign under investigation by the Department of Justice and the Secret Service. The disclosure underlined that the theft was part of an organised effort rather than an isolated hack.
11. Obama keeps a BlackBerry under heightened security
The new president was permitted to keep a smartphone despite warnings that foreign agencies could track his movements or intercept his messages. Access to the device was tightly limited and its communications were to be heavily encrypted.
12. Security teams brace for Conficker activation
With the worm controlling a botnet of nine million or more machines, researchers prepared for the moment the network might be triggered. At that size, it dwarfed earlier botnets such as Storm.
13. Monster.com suffers a second major database breach
For the second time in eighteen months, the jobs site admitted that intruders had taken user names, passwords, email addresses, names, phone numbers and demographic details. The company chose to post a website notice rather than contact affected users directly.
14. USAJOBS data exposed through the Monster breach
Because the federal jobs portal USAJOBS was run on Monster's platform, its members' contact and account details were caught up in the same theft. Job seekers were warned that the stolen data could fuel phishing attacks.
15. Spam volumes climb back towards pre-McColo levels
Junk mail rebounded to most of the volume seen before the McColo hosting takedown, as surviving botnets regained their footing. The Mega-D network alone was blamed for tens of millions of messages a minute.
16. Google briefly flags the entire web as malware
A configuration error caused Google to mark every search result as harmful for roughly forty minutes, blocking users from clicking through. The mistake also pushed legitimate Gmail messages into spam folders before engineers reverted the change.
17. New botnets rush to fill the spam void
Analysts charted the rise of fresh networks such as Waledac and Xarvester as older operations faltered. The newcomers brought stronger encryption and stealthier hosting designed to frustrate researchers.
18. Conficker forces the French navy offline
The Intramar network of the Marine Nationale was hit by the worm, apparently through an infected USB drive, and had to be cut off to halt the spread. Sailors fell back on telephone, fax and post while flight plans could not be downloaded.
19. Conficker botnet growth slows near ten million machines
By late January the worm had reached around ten million compromised PCs, though the rate of new infections had begun to ease. The botnet still phoned home through a shifting series of servers, complicating any response.
20. FOIA request reveals the files DHS keeps on travellers
A traveller who obtained his government dossier found it held the IP address used to buy his tickets, his itineraries, fares and even details of companions on joint bookings. The disclosure showed how much correlated personal data the Department of Homeland Security retained on ordinary journeys.