Dan Goodin of The Register reports: A Romanian man has been sentenced to serve more than four years in US prison for taking part in a sophisticated phishing scam that cost financial institutions at least $150,000. Ovidiu-Ionut Nicola-Roman, 23, of Craiova, Romania, received 50 months in federal prison, followed by three years of supervised release….
Category: Malware
Bits ‘n Pieces
In the justice system: Laura Bustamante, who worked for the Utah Department of Workforce Services, was sentenced to three years in prison for her role in an ID theft ring. Previous coverage here. Tiina Eldridge and Jean Paul Rudahunga were arrested after they were found in possession of fraudulent credit cards and credit card data…
Penn State: Employees alerted to possible security breach
From the CentreDaily.com: The Social Security numbers of employees working at Penn State Office of Physical Plant in 2000 may have been stolen. On Feb. 20, a virus infiltrated an administrative computer that contained more than 1,000 social security numbers of OPP employees, said OPP spokesman Paul Ruskin.
Did The BBC break the law in its botnet report?
So…. did The BBC break the law when it bought and implemented a 22,000-strong botnet as part of its Click news reporting? Nick Farrell of IT Examiner reports that Sophos’ Graeme Cluely suggests that they did because the UK Computer Misuse Act makes it an offense in the United Kingdom to access another person’s computer,…
Stolen-data trove offers look inside a botnet
Jordan Robertson of the Associated Press reports on what researchers from Prevx found on a Ukrainian web site used as to store data from 160,000 infected computers. What they found included data from a Georgia bank that exposed customer details and credentials for the bank’s wire-transfer system, and data from two states’ systems. Read more.
RBS WorldPay statement
In response to my request for a statement, a spokesperson for RBS WorldPay sent this statement: RBS WorldPay received its Payment Card Industry (PCI) Report on Compliance (ROC) in June of 2008 by a qualified assessor. Visa has asked us to obtain a new certification of PCI compliance because of the recent data-security compromise. Visa…