CNN Money reports Citigroup has released more details on last month’s hack attack, revealing that far more credit card accounts were accessed than originally reported, and that it took more than three weeks to notify customers. Citigroup said that it discovered on May 10, that 360,083 credit card accounts had been hacked. Only accounts in the U.S. were impacted and new credit cards were re-issued to 217,657 of the hacked accounts, along with a notification letter. Some accounts were not re-issued credit cards if the account was closed or had already received new credit cards as a result of other card replacement practices. Citigroup said these accounts continue to receive heightened monitoring for suspicious activity.
The Suffolk News-Herald reports more victims are surfacing in a police investigation of a fraud that has swindled residents of Suffolk out of a total of more than $35,000. Suffolk police first issued a warning June 3 that a number of people who had recently purchased fuel at the Murphy USA station on North Main Street had been victimized. In every case, according to city spokeswoman Debbie George, the victims had used their debit card and entered a personal identification number at the pump. Sometimes within hours, unknown suspects in California had apparently manufactured copies of the cards and used them at automated teller machines to withdraw hundreds, even thousands, of dollars from the victims’ accounts, usually after doing a balance inquiry to see how much money was available.http://www.suffolknewsherald.com/2011/06/13/more-fraud-victims-surface/
Bank Info Security reports federal authorities have indicted four men for their alleged involvement in a $1.5 million ATM skimming scheme that targeted Citibank and JPMorgan Chase bank branches in New York, Chicago and Miami. The indictment accuses the team of using different types of skimming technology. One method allegedly involved replacing PIN pads on branch lobby ATMs with manipulated devices that collected card details and PINs as customers entered them. Wireless technology was also allegedly used by the thieves to remotely retrieve the information. Another method is believed to have involved compromising card readers used for 24/7 access to ATM vestibules located outside the branches’ main lobbies. Investigators say the fraudsters then used PIN pad overlays on the ATMs housed inside the vestibules to capture and record PIN details.
The Wall Street Journal reports a Bulgarian native has admitted scanning personal information from ATM machines in northern New Jersey and stealing nearly $300,000. Georgi Nikiforov pleaded guilty in federal court in Newark to bank fraud conspiracy and aggravated identity theft. Nikiforov was arrested last fall. He was accused of using an electronic device to skim identity and account information from Valley National Bank branches in Nutley and Belleville. The Queens, N.Y. resident and others allegedly withdrew nearly $300,000 using the stolen personal identification numbers. The U.S. Attorney’s Office says the bank repaid its customers for the amount stolen.
Bank Info Security reports a July trial date has been set for one of three suspects linked to a card-skimming scheme at pay-at-the-pump gas terminals in Hawaii. Ariak Davtyan, 45, of Los Angeles, was extradited from California in early May on three counts of first-degree identity theft, after allegedly stealing more than $150,000 from six Hawaii financial institutions, using credit and debit card information stolen from 156 consumer accounts. Fraudsters allegedly used a master key to open the gas pump enclosures and then attached electronic skimming devices.
SC Magazine reports Microsoft is prepping a large security update for Tuesday,with plans to deliver 16 patches to fix 34 vulnerabilities across its product line. The patches will mend issues in Windows, Office, Internet Explorer, .NET Framework, SQL Server, Visual Studios, Silverlight and ISA Server. Nine of the bulletins are rated “critical,” while the remaining seven carry an “important” designation. The update touches all versions of Windows, Excel and Internet Explorer. Among the more notable fixes are two patches for Internet Explorer. One will address an issue known as “cookiejacking,” which involves an attacker accessing a file stored inside a browser — the cookie — to steal access credentials. Late last month, Italian security researcher Rosario Valotta disclosed the vulnerability, stating that it could be used to steal usernames and passwords used to login to popular sites such as Facebook and Twitter. For users to be exploited, they must be tricked into dragging an object across their screen and dropping it into an “attacker controlled HTML element,” a type of clickjacking tactic sometimes employed by hackers.
Bloomberg reports the International Monetary Fund’s computer system was targeted by hackers, believed to be connected to a foreign government. The hackers retrieved e-mails and other documents, according to a person familiar with the attack. Internal IMF memos obtained by Bloomberg warned employees to be on their guard after a computer at the fund was “compromised.” The IMF detected some suspicious file transfers, and the subsequent investigation established that a Fund desktop computer had been compromised and used to access some Fund systems.
Threat Post reports security woes for Sony are continuing unabated, as evidenced by the latest entry in the laundry list of attacks against the company. Hackers posted a large amount of data that they stole from databases belonging to Sony Pictures and a couple of their subsidiaries. A group calling itself Lulz Security has claimed responsibility for the attack and has posted a significant amount of information, including plaintext passwords and apparently some names, phone numbers and some physical addresses. The attack also compromised databases belonging to Sony BMG.
SC Magazine notes iPads, iPhones and Android devices are making their way into enterprises, and while a vast majority of organizations have policies around mobile device use, risky behaviors are still commonplace, according to a report released by McAfee and Carnegie Mellon University. Despite having policies around mobile device use, most organizations’ mobile security postures are weak, the survey found. Approximately half of users keep passwords, PIN codes or credit card details on their mobile devices, for example. Further, one in three employees uses his or her device to store sensitive work-related information.
The Register reports Lockheed Martin has reportedly suspended remote access to email and corporate apps following the discovery of a network intrusion that may be linked to the high-profile breach against RSA earlier this year. Technology blogger Robert Cringely reports that Lockheed recently detected the suspected breach. He adds that new tokens will be issued to an estimated 100,000 personnel before remote access is restored, a process likely to take at least a week. The incident involves the use of SecurID tokens from RSA to log into accounts, and may be tied to, or at least use information extracted from, an attack on RSA Security’s systems back in March.
