Jan 162019

Sergiu Gatlan reports:

Potential attackers could view and change private information in flight bookings made by millions of customers of major international airlines because of a security issue in the Amadeus online booking system found by Safety Detective’s Noam Rotem.

Currently, the Amadeus ticket booking system is being used by 141 international airlines which gives it control over 44% of the global online reservation market, with United Airlines, Lufthansa, and Air Canada being some of its clients.

Read more on BleepingComputer.

See also The Register‘s coverage from yesterday.

Jan 152019

From the county’s notice, which you can find in its entirety here:

Hanover County was recently notified about potential unauthorized charges on credit cards used by customers to pay their utility bills via the website between August 1, 2018 and January 9, 2019. The County takes the security and protection of its customers’ confidential information seriously.

What Happened

On January 9, 2019, Gemini Advisory, a group that monitors internet websites for exposed credit card information, notified County staff that credit card information used to make online payments through Hanover’s Central Square Click2Gov system had been compromised. A vulnerability that the County was unaware of allowed this credit card information to be taken during transactions by unauthorized individuals.

The County immediately validated the claim and isolated the Click2Gov system from public access to try to find what information had been compromised and whether the County’s system was still vulnerable. The County has been working with MS-ISAC and CERT, outside agencies that deal with information breaches, to complete a full forensic analysis of what occurred. The County is also working with the software company and has built a new Click2Gov server using different software than the program that was involved in the original breach.

Working with information received from Gemini Advisory we have been able to confirm the exposure of credit card information used to make online payments with the Click2Gov system.

What Information Was Involved

The County has reason to believe that all credit card information entered into the Click2Gov system for utility and building inspection payments between approximately August 1, 2018 and January 9, 2019 may be at risk. This information includes customer names, credit card number, and expiration dates. Payments made over the phone and automatic withdrawals were notaffected; only payments made online through the Click2Gov portal were compromised.

Jan 152019

Roy Mabasa and PNA report:

Foreign Affairs Secretary Te­odoro Locsin Jr. on Tuesday backpedaled from his earlier allegations that French con­tractor Oberthur reportedly ran away with the data of millions of passport ap­plicants when its contract was abruptly terminated by the Philippine govern­ment in 2013.

“Data is not run-away-able but made inaccessible. Access denied,” Locsin said in his tweet.

Locsin tweeted the clarification a day after APO Production Unit Inc. (APUI), the current Philippine e-pass­port maker, said there was no passport data loss or breach.

Read more on Manila Bulletin.

Jan 122019

Updated January 15: Locsin subsequently clarified his claim and said that no data had been removed or stolen, but had been made inaccessible. See this report.

Original post:

Katrina Domingo reports:

MANILA – Some Filipinos renewing their passports may have to present their birth certificates as an additional requirement after a passport production contractor the government had terminated “made off with data,” Foreign Affairs Secretary Teodoro Locsin Jr. has said.

The Department of Foreign Affairs needs to “rebuild” its database for passports issued before 2010 because a “previous outsourced passport maker took all the data when contract terminated,” Locsin said in a tweet on Jan. 9

Read more on ABS-CBN.

Jan 102019

Fascinating reporting by Kim Zetter on Politico.

The 2016 arrest of a former National Security Agency contractor charged with a massive theft of classified data began with an unlikely source: a tip from a Russian cybersecurity firm that the U.S. government has called a threat to the country.

Moscow-based Kaspersky Lab turned Harold T. Martin III in to the NSA after receiving strange Twitter messages in 2016 from an account linked to him, according to two people with knowledge of the investigation. They spoke with POLITICO on condition of anonymity because they’re not authorized to discuss the case.

Read it all on Politico.