Some of what I’m reading this morning while working on my first cup of coffee: I was surprised to read that the Department of Defense is involved in notifying military members and families who paid state income taxes in South Carolina about the massive SC Department of Revenue breach. Does the DOD normally get involved…
Category: Hack
CA: Cyber Hacker Steals Credit Card Numbers From EJ Phair Customers
Emily Henry reports: Customers of Concord’s EJ Phair Brewing Company may have noticed some unusual charges on their bank statements recently, ranging anywhere from a $700 fee at Staples in Washington state to a couple of bucks at a McDonald’s in Nevada. The cause of those unexplained charges has been discovered as the work of a sophisticated…
Numbers from Nationwide Insurance breach dribble out (update7)
I wish companies would heed my advice and get the bad news out at all once instead of staying in the news cycle as each new revelation hits the media. We are starting to get numbers on the hack of Nationwide Insurance and Allied Insurance that I reported here on November 17: Georgia reports 28,467…
IRS says states must encrypt electronic tax records; Governor Haley attempts to extricate her feet from her mouth (UPDATED)
UPDATE: See comment by Don Moffett below this post who notes that the Governor was actually correct and the IRS’s statement is incorrect. Governor Nikki Haley of South Carolina should stop talking about the massive databreach at the Department of Revenue and let someone who actually knows something about data security speak for the state….
Two Utah websites claim hacker attacks cost them $180K; @ItsKahuna challenges the price tag
Back at the beginning of the year, the Salt Lake City Police Department and Utah Chiefs of Police were among a number of law enforcement organizations hacked in #OpPiggyBank. A hacker whose Twitter handle is @ItsKahuna was subsequently charged in the incidents. Now John Anthony Borell is challenging the organizations’ claims about what the hacks…
Forensic report on SCDOR breach
Here’s Mandiant’s report on the breach at the South Carolina Department of Revenue. From the Executive Summary, a summary of the attack: Summary of the Attack A high level understanding of the most important aspects of the compromise are detailed below. 1. August 13, 2012: A malicious (phishing) email was sent to multiple Department of…