UK: Alleged hacker ‘used army of 9,000 ‘zombie’ computers to attack websites such as Skype, Google and Pokemon’

 Posted by at 12:10 pm  Breach Incidents, Business Sector, Hack, Malware, Other  Comments Off on UK: Alleged hacker ‘used army of 9,000 ‘zombie’ computers to attack websites such as Skype, Google and Pokemon’
Oct 312017
 

Lara Keay reports:

A man has been charged with using an army of 9,000 ‘zombie’ computers to attack websites such as Skype, Google and Pokemon.

Alex Bessell, 21, is accused of using them to orchestrate Distributed Denial of Service (DdOS) attacks on several major online firms in a bid to crash their operations.

The attacks took over their systems and caused them to crash, leaving users unable to access them.

It is alleged the 21-year-old from Liverpool also set up the web business ‘Aiobuy’ and has made more than $700,000 (£533,193) in sales of harmful IT viruses since 2011.

Read more on Daily Mail

Hacker Wants $50K From Hacker Forum or He’ll Share Stolen Database With the Feds

 Posted by at 8:16 am  Hack, Of Note, Other  Comments Off on Hacker Wants $50K From Hacker Forum or He’ll Share Stolen Database With the Feds
Oct 272017
 

Catalin Cimpanu reports:

Extortion can also be funny when it happens to the bad guys, and there’s one extortion attempt going on right now that will put a big smile on your face.

The victim is Basetools.ws, an underground hacking forum that allows users to trade stolen credit card information, profile data, and spamming tools. The site boasts to have over 150,000 users and over 20,000 tools listed in its forums.

Read more on BleepingComputer.

Advanced Spine & Pain Center Notifies 8,362 Patients After Two Possibly Unrelated Incidents

 Posted by at 8:59 am  Breach Incidents, Hack, Health Data, Other  Comments Off on Advanced Spine & Pain Center Notifies 8,362 Patients After Two Possibly Unrelated Incidents
Oct 142017
 

So this is a bit unusual. Advanced Spine & Pain Center in San Antonio notified its patients on September 25 following two concerning events that may or may not be related. The first involved some patients receiving phone calls asking them to pay outstanding balances.  As part of investigating that incident, ASPC discovered that their server had been accessed. But were the two things related to each other or coincidental? It wasn’t clear, it seems. The following is their notification from September 25, 2017.  According to their submission to HHS,  they had 8,362 patients potentially affected:

SAN ANTONIO – Advanced Spine & Pain Center (ASPC) notified patients of a security incident that took place earlier this summer.

ASPC began investigating a possible security incident on July 31, 2017 after learning that some patients were being contacted and asked to pay an outstanding balance by an unknown person. As part of its investigation, ASPC discovered that its server was accessed by one or more unauthorized users.

Recent monitoring of the network did not identify any unauthorized users accessing its network. Analysis of the server was inconclusive when trying to determine if any private information was accessed. Also, it could not be determined whether this incident was linked with the initial security incident involving telephone calls to a limited number of patients.

Information potentially affected by this incident includes demographic information to include name, address, Social Security Number, date of birth, state, zip code, telephone, and gender; medical information to include medical records, labs, x-rays, and scheduling notes; and billing information to include primary insurance, CPT codes, phone, ID number, and Group number. However, potentially affected information did not include financial or payment information to include credit card or bank account information.

APSC recently sent letters to those patients whose private information may have been affected by this incident. ASPC is offering those patients who were potentially affected identity theft protection services through ID Experts®, which includes twelve months of credit monitoring, a $1,000,000 insurance reimbursement policy, exclusive educational materials, and fully managed ID theft recovery services. APSC encourages patients to take appropriate measures to protect their credit information and to contact ID Experts with any questions. More information can be found in the letter provided to affected patients.

A variety of security measures were in place before this incident, including network filtering and security monitoring, firewalls, antivirus software and password protection. Upon learning of the initial security incident, ASPC made a police report and contacted the FBI. It also conducted an internal investigation of its server and computer network. The practice also is taking appropriate measures to secure its network. Its investigation is ongoing, and patients will be notified of any significant developments at the practice’s website.

ASPC takes its patients’ privacy and the security of information very seriously and regrets any inconvenience this may have caused. Patients should call 1-866-537-1672 for assistance or with any additional questions. Patients can also check ASPC’s website, http://advancedspineandpaincenter.com, for updated information.

 

T-Mobile Website Allowed Hackers to Access Your Account Data With Just Your Phone Number

 Posted by at 7:48 pm  Business Sector, Other  Comments Off on T-Mobile Website Allowed Hackers to Access Your Account Data With Just Your Phone Number
Oct 122017
 

Lorenzo Franceschi-Bicchierai reports:

Until last week, a bug on a T-Mobile website let hackers access personal data such as email address, a customer’s T-Mobile account number, and the phone’s IMSI, a standardized unique number that identifies subscribers. On Friday, a day after Motherboard asked T-Mobile about the issue, the company fixed the bug.

The flaw, which was discovered by security researcher Karan Saini, allowed malicious hackers who knew—or guessed—your phone number to obtain data that could’ve been used for social engineering attacks, or perhaps even to hijack victim’s numbers.

Read more on Motherboard.

Mirai Malware Attacker Extradited From Germany to UK

 Posted by at 4:54 pm  Financial Sector, Non-U.S., Other  Comments Off on Mirai Malware Attacker Extradited From Germany to UK
Aug 312017
 

Mathew J. Schwartz reports:

Admitted Mirai malware mastermind Daniel Kaye, 29, has been extradited from Germany to the United Kingdom, where he faces charges that he launched cyberattacks against two of Britain’s biggest banks.

Kaye, a British national from Surrey, England, returned to Britain Wednesday in the custody of officers of the National Crime Agency – Britain’s national law enforcement agency – under a European arrest warrant.

He’s been accused of “using an infected network of computers known as the Mirai#14 botnet to attack and blackmail Lloyds Banking Group and Barclays banks,” according to the NCA.

Read more on BankInfoSecurity.