In the justice system: Laura Bustamante, who worked for the Utah Department of Workforce Services, was sentenced to three years in prison for her role in an ID theft ring. Previous coverage here. Tiina Eldridge and Jean Paul Rudahunga were arrested after they were found in possession of fraudulent credit cards and credit card data…
Category: Malware
Penn State: Employees alerted to possible security breach
From the CentreDaily.com: The Social Security numbers of employees working at Penn State Office of Physical Plant in 2000 may have been stolen. On Feb. 20, a virus infiltrated an administrative computer that contained more than 1,000 social security numbers of OPP employees, said OPP spokesman Paul Ruskin.
Did The BBC break the law in its botnet report?
So…. did The BBC break the law when it bought and implemented a 22,000-strong botnet as part of its Click news reporting? Nick Farrell of IT Examiner reports that Sophos’ Graeme Cluely suggests that they did because the UK Computer Misuse Act makes it an offense in the United Kingdom to access another person’s computer,…
Stolen-data trove offers look inside a botnet
Jordan Robertson of the Associated Press reports on what researchers from Prevx found on a Ukrainian web site used as to store data from 160,000 infected computers. What they found included data from a Georgia bank that exposed customer details and credentials for the bank’s wire-transfer system, and data from two states’ systems. Read more.
RBS WorldPay statement
In response to my request for a statement, a spokesperson for RBS WorldPay sent this statement: RBS WorldPay received its Payment Card Industry (PCI) Report on Compliance (ROC) in June of 2008 by a qualified assessor. Visa has asked us to obtain a new certification of PCI compliance because of the recent data-security compromise. Visa…
Visa puts Heartland on probation over breach — but what about RBS WorldPay?
Anthony M. Freed of Information Security Resources reports that Visa has put Heartland Payment Systems on probation. As of February 11, 2009 Visa’s Global List of PCI DSS Validated Service Providers had asterisked Heartland Payment Systems as being under review. Heartland is not on the March 12th list. The following quotes from Visa’s announcement are…