Thursday, 24 April 2014

Patient information may have been on stolen Coordinated Health laptop

Two breaches within one month? Will that get HHS’s attention?
The Pocono Record reports:
A laptop computer that may have contained the files of more than 700 Coordinated Health patients was stolen from an employee’s car on Feb. 21 and has not been recovered, according to a press release issued by Coordinated Health today.
The laptop was stolen from the car of an employee in Bethlehem. The incident was immediately reported to local authorities with a formal police report filed.
Coordinated hired a forensic investigator to conduct a full review of the content on the computer. While the laptop was password protected, the investigation revealed that the device may have contained an email with an attached file of 733 CH patient files, their social security numbers and their protected health information including (PHI): name, date of birth, address, insurance, appointment date and physician name.
Read more on Pocono Record. The Express-Times also covers the press release, which does not seem to be up on Coordinated Health’s website at the time of this posting.
This is the second breach reported by Coordinated Health within the past month. At the end of March, they disclosed that a Whitehall township office had been burglarized mid-month and patient information and cash were stolen. In that breach, the patient information included the last four digits of patients’ credit cards and Social Security numbers, as well as names, birth dates, phone numbers and some health information. Information from fewer than 70 patients was involved.

Three Lloyds Clerks Used Hacking Device to Steal Money from Customer Accounts

Lloyds TSB employees accused of fraud Enlarge picture
- Lloyds TSB employees accused of fraud
Tai Hulbert-Thomas, 27, Neil Bautista, 22, and Mawli Thurairajah, 30, are accused of attempting to steal more than £2 million ($3.4 million / €2.47 million) from the bank accounts of Lloyds TSB customers. The suspects were all bank clerks.

According to Oxford Mail, the three are said to have installed a device on the computer of a colleague that enabled them to harvest the information needed to fraudulently transfer money from customer accounts.

The conspiracy took place in the summer of 2012 at Halifax branches in Slough, Newbury and Camden. Halifax is a division of Bank of Scotland, which is a subsidiary of the Lloyds Banking Group.

Prosecutors say the fraudsters installed what they call a rogue “USB mouse, keyboard and mass storage device.” The gadget allowed them to remotely access the targeted computer through the Internet. The fraudulent transactions were carried out when the bank was closed.

The suspects are believed to have attempted to steal over £2 million ($3.4 million / €2.47 million), but the actual damage to the bank is around £440,000 ($738,000 / €535,000).

The conspiracy was uncovered when a Halifax branch manager noticed a suspicious transaction of tens of thousands of pounds into a customer’s account.

An investigation uncovered that a total of £605,000 ($1 million / €735,000) were transferred to 13 different accounts. The hacking device was discovered during an internal investigation.

Hulbert-Thomas has been charged with two counts of fraud by abuse of position, Bautista is accused of making fraudulent payments and allowing another individual to install a device on a bank’s computer, while Thurairajah has been charged with making fraudulent payments. They’ve all pleaded not guilty.

Former politician jailed for hacking

Former Conservative (Høyre) politician Tor Johannes Helleland was sentenced to two months in prison on Thursday over computer hacking charges. The 23-year-old broke into the email and online storage accounts of 32 women, downloaded private intimate photographs, and spread them on pornography websites.
Tor Johannes Helleland has resigned his posts in Norway's Conservative Party (Høyre) after confessing stealing and distributing photos of naked women. PHOTO: Drammen Kommune

Helleland was a Drammen city council representative when the scandal emerged in July last year. Newspaper VG reported he had breached the women’s email and iCloud accounts, stolen photographs showing various degrees of nudity and sexual activity, and spread them online without consent. He resigned from his council position and issued an apology to his victims after he was discovered, many of them members of the Conservative’s youth organization.
He was given a stricter sentence than the 36 days prosecutors requested, reported Norwegian Broadcasting (NRK). The court ruled a strong deterrent message was necessary to combat the growing problem of cyber crime. Thirty days of Helleland’s two month sentence were suspended, and he was given a two year probation period.
“Helleland has stood firm on his unreserved confession the whole time, and has been upset over what he has inflicted on his victims,” said his lawyer Anders Green. “He has taken note of the judgment and we will accept the sentence as the Drammen court has determined.”
His family has a long history in politics with Høyre. His father Trond and step mother Linda H Helleland are both members of parliament. His mother Jannike Thorsen is also a Drammen council politician.

Andy Coulson: I quit David Cameron role due to phone-hacking coverage

Andy Coulson
Andy Coulson has told the phone-hacking trial of why he resigned as David Cameron's communication's chief. Photograph: Mark Thomas/Rex Features
Andy Coulson resigned as David Cameron's spin doctor in January 2011 because his ability to do his job was being compromised by the phone-hacking scandal, a jury at the Old Bailey has heard.
He told jurors that he took the decision to quit because he "could not do the job" he was "employed to do".
His resignation from a senior position was the second in the space of four years. In 2007 he quit as editor of the News of the World because he felt it was the right thing to do following the arrest and subsequent sentencing of the paper's royal editor Clive Goodman for phone-hacking-related offences.
He said he could not imagine "sitting at my desk writing a leader criticising a public figure or a politician when the paper itself had failed under my editorship".
Coulson told jurors that he had been hired by the Tory party after a meeting with George Osborne seven months later.
"Subsequent to that, I had a meeting with David Cameron and after the May local elections that turned into a job offer."
After the general election in May 2010, Coulson went to work in Downing Street but within months he left.
"There had been a long period of press coverage of issues relating to this trial and over a period of time I once again found myself in the position where I could not do the job I was employed to do so I felt I should resign," Coulson said.
He told jurors he decided to resign from News of the World over Christmas 2005 after discussions with his wife Eloise. He told a News International executive two weeks before Goodman was sentenced at the end of January 2007.
He recalled that Rupert Murdoch called him just as he was driving out of the production plant in Wapping.
"He wished me well and I reminded him what he had said to me when I told him about the arrest of Clive Goodman and that had been part of my thinking," Coulson said.
Coulson and Goodman deny that they conspired to hack phones.
During cross-examination by Goodman's counsel, Coulson denied he was a bully but admitted that the culture of newspapers in the 1980s and 1990s was "temperamentally more aggressive" than it was now.

Bank of England seeks 'HACKERS' to defend vaults against e-thieves

The Bank of England is planning to hire ethical hackers to conduct penetration tests on 20 "major" banks and other financial institutions, it has been reported.
The move appears to be a response to lessons learned during the Waking Shark II security response exercise last November. The exercise put merchant banks and other institutions in the City at the wrong end of a simulated cyber-attacks and didn't involve retail banks, as explained in an BoE statement issued at the time.
But according to the reports, this is about to change.
According to sources who spoke to the Financial Times (behind paywall), the Bank of England's “ethical hackers” will attack 20 major banks and other financial institutions in the new round of cyber resiliency tests. Unnamed government-accredited penetration testing firms will be involved. The FT speculated that the Royal Bank of Scotland and the London Stock Exchange would participate, but there have been no confirmations.
Adrian Beck, security programme manager EMEA at cloud-based application security company Veracode, welcomed the reported move.
"It’s encouraging to see the Bank of England taking a lead on protecting the UK’s critical national infrastructure by overseeing ethical hacking programmes," Beck said.
He added: "Ethical hacking, in the form of penetration testing, is one way to expose software coding errors in an organisation’s applications, along with other vulnerabilities that threaten critical data. All businesses, whether in the public or private sector, should consider the benefits of investing in ethical hacking as part of an application security programme."
Marc Lee, director EMEA at infosec firm Courion said that penetration testing can only go so far and banks need to look at the bigger picture by taking precautions to defend against internal as well as external threats.
"The focus shouldn’t be solely on detecting and preventing external attacks," Lee explained. "It’s important to recognise that threats can often stem from insider hacktivists or a weak security culture in the back office [that] leaves sensitive data and apps open to abuse or theft."
"Looking at the bigger security picture, the majority of serious data breaches use stolen or misused legitimate access privileges. Banks need strong, reliable systems in place to quickly identify any security vulnerabilities and take appropriate actions to prevent a breach and avoid financial and reputational damage,” he added.
Ross Brewer, vice president and managing director for international markets at security tools firm LogRhythm, commented: "The financial sector is taking a positive step here, which many other organisations need to learn from. As they play such a critical role in society, it would be disastrous for one of our leading banks to suffer a significant data breach.
"We only have to look at recent large-scale data breaches, such as [that of] Target in the US, to see just how devastating and long-lasting this can be. Given the level of trust businesses and consumers place in banks, a successful attack on a financial firm would be even worse."

LulzSec's Sabu hacked foreign gov sites while under FBI control – NYT

Ex-LulzSec chief Sabu orchestrated attacks on government computers in Iran, Syria, Pakistan and Brazil while under the control of the FBI, according to a New York Times investigation.
After he was apprehended and turned to became an FBI informant, Hector Xavier "Sabu" Monsegur encouraged fellow Anonymous hackers to hit foreign websites using a zero-day vulnerability in server-side software.
Data stolen during the hacking spree was then uploaded to a server that was secretly monitored by the Feds, it's claimed.
The allegations are based on copies of court documents as well as interviews with individuals linked to the network assaults by the New York Times.
Monsegur was arrested in September 2011, and since then he has been working with the Feds as an informant against his online brothers-in-arms. This only became public knowledge in March 2012. During the eight months in between, Sabu was coordinating a hacking spree by the LulzSec cyber-gang and elements of the wider Anonymous movement, all while pushing a list of targets on behalf of his US government handlers, it is claimed.
The NYT said it has evidence that Uncle Sam, through Sabu, used Anonymous activists to probe foreign government websites for vulnerabilities.
Chat logs between hacktivist Jeremy Hammond and Sabu show that the FBI mole supplied Hammond with addresses of foreign websites to target, it's alleged. A flaw in web-hosting software Plesk was one of the main routes used to obtain unauthorized access to vulnerable systems, the newspaper claimed.
Hammond, together with a Brazilian hacker using the nickname Havittaja, broke into the insecure sites, although Sabu merely encouraged them rather than participating in the hacks, it's reported. Once the sites were hacked, sensitive information was extracted and uploaded to servers designated by Monsegur that had been tapped by the Feds, we're told.
"Exploiting a vulnerability in a popular web hosting software, the informant directed at least one hacker to extract vast amounts of data - from bank records to login information - from the government servers of a number of countries and upload it to a server monitored by the FBI," the NYT reports.
Hammond is serving a 10-year sentence after pleading guilty last month to a high-profile hack against private intelligence outfit Stratfor and for attacks inside the United States. The hacktivist admits to taking part in attacks outside the US, but the terms of his plea-bargaining deal prevent him from going into details.
Monsegur's repeatedly delayed sentencing [PDF] is due to take place on 8 May. He has admitted 12 criminal charges that include multiple counts of conspiracy to engage in computer hacking.

Facebook, Skype and Gmail face ban in Russia due to data snooping legislation

WESTERN TECHNOLOGY FIRMS including Facebook, Gmail and Skype face being banned in Russia due to "anti-terror" data snooping laws in the country.
The Russian parliament passed the lesiglation on Tuesday, which could make services such as Gmail and Skype illegal in the country unless they store data on its soil.
The "Information, Information Technologies and Protection of Information" amendment, part of the country's anti-terrorism laws, would require Russian data to be stored within the country in order to be accessed by state security and intelligence services.
This means that in order to avoid being banned, technology firms would need to store data within the country, essentially allowing Russian authorities to snoop on the data as they wish.
Of course that's not all it would do. The legislation, which has yet to be approved by Russian president Vladimir Putin, would also give the Russian Federal Security Service (FSB) greater control over Russian internet, which might see the country move further into a Big Brother society. However, it's likely that users would be able to circumvent the block, if it were to be imposed.
Russian search engine Yandex said in a statement, "In our opinion, the adoption of the law will be another step towards the strengthening of state control over the Internet in Russia, which has a negative impact on the development industry."
This news comes just days after Russia denied that it was planning to block such services in the country. An FSB spokesperson said earlier this month, when questioned about whether it was looking to block services such as Gmail, "Quite the contrary - the development of advanced technology is a natural process that should be welcomed."
It also follows reports that the Russian government seized control of the country's social network this week