Posts Tagged ‘hack’

An Arroyo Grande woman was arrested Tuesday by special agents with the FBI on charges of stealing money from a federally insured financial institution.

Brenda Bautista Hurtado, 25, was taken into custody without incident after being named in a three-count indictment returned by a federal grand jury last Friday.

The indictment accused Hurtado of stealing money while employed last year at the U.S. Bank branch in Arroyo Grande. The indictment alleges that Hurtado stole nearly $100,000 from two customers’ accounts, as well as another $10,000 in cash from the bank’s vault.

The investigation in this case revealed that Hurtado secretly accessed U.S. Bank’s computer system and changed the contact information for the accounts of two elderly customers at the bank. After changing their contact information, Hurtado then allegedly closed these accounts and took out cashier’s checks for the balance of each account.

When one of the customers came to the bank and learned that his account had been closed, Hurtado went into the bank’s vault and took $10,000 in cash. Hurtado then went to Mexico for several weeks before returning to the United States. She was arrested this morning in Guadalupe, California, where she has been staying for the past few months.

The indictment alleges that Hurtado stole $50,907 on February 24, 2010 and another $48,163 on February 26, 2010. The indictment further alleges that Hurtado stole $10,000 in cash from the bank vault on June 7, 2010.

An indictment contains allegations that a defendant has committed a crime. Every defendant is presumed to be innocent until and unless proven guilty in court.

Each count of theft by a bank employee carries a statutory maximum penalty of 30 years in federal prison and a fine of up to $1 million.

Sony has now officially become a testing ground for hackers, who make their claim to fame by exploiting various security holes at Sony Corporation while Sony keeps trying to figure out how many security loopholes exist in its systems.

In the latest security incident, Idahca (a Lebanese hacker group) has hacked the database of ca.eshop.sonyericsson.com with a simple SQL injection. That makes two attacks on Sony in one day: in the morning LulzSec leaked the database of Sony’s Japanese websites, and now Sony Ericsson’s Eshop database has been hacked. Emails, passwords and names of thousands of users are exposed in a text file on Pastebin. Similar to the LulzSec hack, the whole database of the Sony Ericsson site was leaked via the hacker’s Facebook/Twitter accounts. The Pastebin link is http://pastebin.com/4YGAWxQZ.

In what seems to be a never-ending nightmare, it appears that the website of Sony BMG in Greece has been hacked and information dumped.

An anonymous poster has uploaded a user database to pastebin.com, including the usernames, real names and email addresses of users registered on SonyMusic.gr.

The data posted appears to be incomplete as it claims to include passwords, telephone numbers and other data that is either missing or bogus.

Screenshot of DB from Pastebin.com

According to Chester Wisniewski, Senior Security Advisor, Sophos Canada, “It is nearly impossible to run a totally secure web presence, especially when you are the size of Sony. As long as it is popular within the hacker community to expose Sony’s flaws, we are likely to continue seeing successful attacks against them.”

“It appears someone used an automated SQL injection tool to find this flaw. It’s not something that requires a particularly skillful attacker, but simply the diligence to comb through Sony website after website until a security flaw is found,” Wisniewski added.

While it’s cruel to kick someone while they’re down, when this is over, Sony may end up being one of the most secure web assets on the net.

If you are a user of SonyMusic.gr, it is highly recommended that you reset your password. Expect that any information you entered when creating your account may be in the hands of someone with malicious intent, and keep a close eye out for phishing attacks.

The lesson I take away from this is similar to other stories we have published on data breaches. It would cost far less to perform thorough penetration tests than to suffer the loss of trust, fines, disclosure costs and loss of reputation these incidents have resulted in.

The infamous Anonymous group, which has claimed responsibility for attacks on New Zealand government sites and on neo-Nazi websites, and which has been blamed for the Sony hack among other attacks carried out in the name of online activism (or what can also be described as hacktivism), has itself become a target of its own tactics.

AnonOps, one of the most active parts of the Anonymous group, said yesterday that two of its sites have been compromised. The group claims that the domains AnonOps.net and AnonOps.ru have been compromised by a former IRC-operator and fellow helper named “Ryan”. “He decided that he didn’t like the leaderless command structure that AnonOps Network Admins use. So he organised a coup d’etat, with his “friends” at skidsr.us . Using the networks service bot “Zalgo” he scavenged the IP’s and passwords of all the network servers (including the hub) and then systematically aimed denial of service attacks at them (which is why the network has been unstable for the past week). Unfortunately he has control of the domain names AnonOps.ru (and possibly AnonOps.net, we don’t know at this stage) so we are unable to continue using them. We however still have control over AnonOps.in, and will continue to publish news there,” the group stated in a message that was posted on an alternate domain name AnonOps.in.

The group also claimed that the person behind this attack is also involved in the “new” Encyclopedia Dramatica (encyclopediadramatica.ch) against which AnonOps planned to launch an attack.

Here is the message that the group wrote on AnonOps.in:

Dear Users of the AnonOps Network,
We regret to inform you today that our network has been compromised by a former IRC-operator and fellow helper named “Ryan”. He decided that he didn’t like the leaderless command structure that AnonOps Network Admins use. So he organised a coup d’etat, with his “friends” at skidsr.us . Using the networks service bot “Zalgo” he scavenged the IP’s and passwords of all the network servers (including the hub) and then systematically aimed denial of service attacks at them (which is why the network has been unstable for the past week). Unfortunately he has control of the domain names AnonOps.ru (and possibly AnonOps.net, we don’t know at this stage) so we are unable to continue using them. We however still have control over AnonOps.in, and will continue to publish news there.

We would STRONGLY ADVISE all users to STAY AWAY from AnonOps.net and AnonOps.ru, and they should be considered COMPROMISED. Using or connecting to any service on those addresses may put your computer, and by extension your person, at risk.

We will continue to update you on this story, as well as on how we proceed with the future of Anonops.

We are profoundly sorry for this drama, and we can’t give you an estimate on when service will resume normally.

Alas, the IRC-network will probably remain down until we can sort this out.

We will try to keep you up to date via our official channel (anonops.in).

Signed,

The “Old” AnonOps netstaff.
“shitstorm”, “Nerdo”, “owen”, “blergh”, and “Power2All”

There seems to be no end to the data loss incidents at Sony Corporation. In the last two weeks, the company has admitted to losing the personal data of over 100 million users (77 million users affected by the hack on PlayStation Network and 25 million affected by the hack on Sony Online Entertainment). In a statement made Saturday to Reuters, Sony acknowledged that another Sony property had been attacked by malicious hackers and that more data had been stolen and published.

Even more embarrassing was the fact that the stolen information was published on a Sony web server that reportedly is part of Sony Electronics.

The information disclosed contained names and partial addresses of Sony customers who had participated in a 2001 sweepstakes. Sony’s comment is as follows:

“The website was out of date and inactive when discovered as part of the continued attacks on Sony,”

This appears to be a partial repeat of what they disclosed in their second statement acknowledging that Sony Online Entertainment had been compromised. “Don’t worry it was old data on a forgotten server.”

“In an organization as large as Sony the hackers targeting them may be able to continue to find low hanging fruit, unpatched old equipment at any of the various Sony subsidiaries could continue to embarrass Sony publicly,” opined Chester Wisniewski, Senior Security Advisor at Sophos.

Meanwhile, Sony Playstation Network users are starting to get quite impatient as they await the return of the online gaming service.

In this case Sony is certainly doing the right thing. It is better to be offline and identify what must be done to return the service to a secure state than to simply turn it back on and allow attackers to target even more data.

Sony has finally broken the ice and replied to the US Commerce Committee on the recent PlayStation hack that affected 77 million users and the subsequent attack on Sony Online Entertainment that affected another 25 million users. In a formal letter addressed to members of the House Commerce Committee, Sony Computer Entertainment America’s Kazuo Hirai suggests the rogue hacktivist movement Anonymous played a role in the massive customer data breach that now exceeds 100 million records.

Anonymous followers had previously taken credit for a distributed denial of service (DDoS) attack against the Sony websites in early April but denied any involvement in the later hack on PSN and SOE.

Initially, Sony representatives did not seek to connect the hacktivist group with the data breach event. That has changed now that forensic investigators have located a file on the hacked PSN systems named “Anonymous” and containing the movement’s tagline “We are Legion.”

The discovery was enough evidence for Sony’s chairman to state in the letter to Congress that Anonymous was at least partly to blame for the customer data loss event:

“Just weeks before, several Sony companies had been the target of a large-scale, coordinated denial of service attack by the group called Anonymous… Whether those who participated in the denial of services attacks were conspirators or whether they were simply duped into providing cover for a very clever thief, we may never know. In any case, those who participated in the denial of service attacks should understand that – whether they knew it or not – they were aiding in a well planned, well executed, large-scale theft that left not only Sony a victim, but also Sony’s many customers around the world,” Hirai’s letter said.

The letter to Congress also sought to counter criticism that Sony waited too long to notify authorities and customers of the breach, stating that the company only released information after it was confirmed in the investigation:

“Throughout the process, Sony Network Entertainment America was very concerned that announcing partial or tentative information to consumers could cause confusion and lead them to take unnecessary actions if the information was not fully corroborated by forensic evidence,” Hirai’s letter said.

Sony has provided a summary of Hirai’s letter to Congress:

In summary, we told the subcommittee that in dealing with this cyber attack we followed four key principles:

  1. Act with care and caution.
  2. Provide relevant information to the public when it has been verified.
  3. Take responsibility for our obligations to our customers.
  4. Work with law enforcement authorities.

We also informed the subcommittee of the following:

  • Sony has been the victim of a very carefully planned, very professional, highly sophisticated criminal cyber attack.
  • We discovered that the intruders had planted a file on one of our Sony Online Entertainment servers named “Anonymous” with the words “We are Legion.”
  • By April 25, forensic teams were able to confirm the scope of the personal data they believed had been taken, and could not rule out whether credit card information had been accessed. On April 26, we notified customers of those facts.
  • As of today, the major credit card companies have not reported any fraudulent transactions that they believe are the direct result of this cyber attack.
  • Protecting individuals’ personal data is the highest priority and ensuring that the Internet can be made secure for commerce is also essential. Worldwide, countries and businesses will have to come together to ensure the safety of commerce over the Internet and find ways to combat cybercrime and cyber terrorism.
  • We are taking a number of steps to prevent future breaches, including enhanced levels of data protection and encryption; enhanced ability to detect software intrusions, unauthorized access and unusual activity patterns; additional firewalls; establishment of a new data center in an undisclosed location with increased security; and the naming of a new Chief Information Security Officer.

The FBI is said to be investigating a potential hack of the databases of applicants for the American version of the British show The X Factor, which could affect as many as 250,000 people, according to an email. The sensitive contact information of hopeful kids as young as 12 could now be in the hands of hackers.

People who have applied to go on the US version of the show have been warned not to reply to emails from Fox, Rupert Murdoch’s US TV network broadcaster, particularly if those emails request personal information.

In a statement on its website, Fox alerted its users:

This week, we learned that computer hackers illegally accessed information you and others submitted to us to receive information about The X FACTOR auditions. As you may recall, the information you provided to us did not include your Social Security number or any financial information (such as bank account or credit card information), and you were not required to enter a user name or password to access our site. As a result, no financial information, Social Security numbers, or passwords were accessed by this unauthorized party. It is possible, however, that the information you did provide to us, which included your name, email address, zip code, phone number (which was optional), date of birth, and gender, may have been accessed.

Fox.com and The X FACTOR will never ask you to email personal information such as financial data, credit card numbers, Social Security numbers or the user name or passwords you use to access other websites. If you receive an email that appears to be from Fox.com or The X FACTOR asking for personal information, please forward it to askfox@fox.com and then delete it, as it did not come from us. You can also send an email to askfox@fox.com if you have any questions or concerns.

If you fear that your data might have been exposed, keep a keen eye on your email inbox for fraudulent communications.

If you think your child has applied, maybe this is a good time to have a chat with them about all of this and warn about possible unwanted emails and phone calls.

Last week’s hack on Sony’s PlayStation Network has been listed as the fourth largest data breach in history, exposing the personally identifiable information (PII) and possibly credit card data of about 70 million users, according to DataLossdb, an open source foundation that monitors data breaches across the world.

IT security firm, Sophos, is warning users of Sony’s PlayStation Network that they are at risk of identity theft after hackers broke into the system and accessed the personal data of videogame players.

The implications of the hack, which resulted in the service being offline since last week, are only now becoming clear as Sony has confirmed that the hackers, who broke into the system between April 17th and April 19th, were able to access the online gamers’ personal information.  According to Sophos, users should take immediate action to ensure that their online identities are secure, and that fraudsters cannot take advantage of stolen credit card information.

Sony is yet to provide the exact details of the attack and says it is still unsure if the credit card details were breached but at the same time says it doesn’t rule out the possibility that your credit card details could already be in the hands of the attackers.

“If you’re a user of Sony’s PlayStation Network, now isn’t the time to sit back on your sofa and do nothing.  The fraudsters won’t wait around – for them this is a treasure trove ripe for exploiting. You need to act now to minimize the chances that your identity and bank account become casualties following this hack,” said Graham Cluley, Senior Technology Consultant at Sophos.  “That means, changing your online passwords (especially if you use the same password on other sites), and considering whether it would be prudent to inform your bank that as far as you’re concerned your credit card is now compromised.”

Sony has warned that hackers have been able to access a variety of personal information belonging to users including:

  • Name
  • Address (city, state, pin code)
  • Country
  • Email address
  • Date of birth
  • PlayStation Network/Priority password and login
  • Handle/PSN online ID

In addition, Sony warns that profile information – such as history of past purchases and billing addresses, as well as “secret answers” given to Sony for password security may also have been obtained.  Sony also admits that it cannot rule out the possibility that credit card information may also have been compromised.

“The fact that credit card details, used on the network to buy games, movies and music, may also have been stolen is very disturbing,” continued Cluley.  “If Sony loses your credit card information, it’s no different from you losing your credit card – you should cancel that card immediately.  Questions clearly have to be asked as to whether Sony was ignorant of PCI data security standards and storing this and other personal data in an unencrypted format.  All in all, this is a PR and security disaster for Sony.”

A Romanian computer hacker who goes by the name of TinKode or Code.Breaker has posted user names and passwords of over 100 FTP accounts of ESA, the European Space Agency, on his website today after breaking into the ESA website.

The European Space Agency (ESA), established in 1975, is an intergovernmental organisation dedicated to the exploration of space, currently with 18 member states. Headquartered in Paris, ESA’s space flight program includes human spaceflight, mainly through the participation in the International Space Station program, the launch and operations of unmanned exploration missions to other planets and the Moon, Earth observation, science, telecommunication as well as maintaining a major spaceport, the Guiana Space Centre at Kourou, French Guiana, and designing launch vehicles.

The hacker posted details of the compromise on his blog in full disclosure style. However, the method he used was not revealed.
The published data includes FTP accounts for a range of ESA subsites with passwords in clear text. A list of database users with hashed passwords was also disclosed, together with the SHA1-hashed server root password.

The site administrator and editor credentials were exposed in plain text, as well as email addresses and passwords corresponding to website user accounts.

The passwords are in readable form, but TinKode took the measure of partially hiding them before publishing. There is also a list of associated proxy user names and passwords.

The European Space Agency has been informed about the incident and is yet to make an official statement in this regard.

WordPress’ founder Matt Mullenweg has communicated through his blog that hackers have breached the security of Automattic, the company that runs WordPress, and broken into several of its servers.

Mullenweg says that Wednesday’s incident was a low-level root access breach. The company is reviewing its data logs to figure out what information may have been stolen and is working on patching any holes in its security. It seems unlikely that personally identifiable user information was taken during the attack, but Automattic has yet to complete its investigation.

“We presume our source code was exposed and copied,” Mullenweg stated on the company’s blog. “While much of our code is open source, there are sensitive bits of our and our partners’ code. Beyond that, however, it appears information disclosed was limited.”

WordPress hasn’t issued any advice to its millions of users so far, apart from suggesting the use of strong and unique passwords.