Data Breach Bulletin: Anonymous Targets Kenyan Defense Forces Twitter Account

Posted in Cyber Security, News, Technology - By admin on Monday, July 21st, 2014
A screenshot of a tweet posted Monday morning on the @kdfinfo Twitter account, which has since been deleted.

This week’s data breach roundup has an international focus, with a Russian hacker group and breaches in Kenya, Australia, and the UK. While most of the breaches reported this week occurred recently, one breach wasn’t reported for three whole years. Read on for more details:

Kenya Defense Forces Twitter – On Sunday, the hacktivist group Anonymous, using the handle @Anon_0x03, announced that it had hacked the Kenyan Defense Forces’ official Twitter account, reported ITWebAfrica. On Monday morning, Anonymous still had control of the account and was busy tweeting to protest corruption and lash out against the country’s leaders. One tweet, which has since been removed, read, “Corruption, tribalism & impunity are destroying KE. We should never have elected two criminals,” and others were much more explicit. According to the IB Times, the hacker behind the @Anon_0x03 account claimed to have used phishing emails to instigate this attack as well as another attack against the Twitter account of Kenyan Defense Forces spokesperson Major Emmanuel ChirChir. At this time, all tweets by Anonymous except one have been deleted from the account. The breach of a Twitter account might not be a huge security risk, but it isn’t good publicity for the Kenyan government, especially given the gleeful tone of tweets like this one: “Dear @PoliceKE Catch me if you can :D.”

CNET – A Russian hacker group called W0rm allegedly hacked CNET News’ website last weekend, saying it acted out of altruism. CNET reported that it was informed via Twitter that W0rm had stolen a “database of usernames, emails, and encrypted passwords from CNET’s servers” for more than 1 million users. W0rm’s motivation was allegedly to “make the Internet a better and safer [place]” by exposing the website’s security flaws. Last Monday, W0rm tweeted that it would sell the database for 1 Bitcoin (which is currently worth $620.55 according to Google’s handy new Bitcoin converter), but said that was just a ploy for attention. CNET is owned by CBS Interactive, and a CBS Interactive spokeswoman said that a “few servers were accessed” and that the issue had been identified and resolved.

Information Commissioner’s Office – Being a “privacy watchdog” doesn’t mean you won’t get hacked, but it does mean that you’ll probably get more flak for it, especially if you aren’t transparent. On page 46 of its 2013/2014 Annual Report, the UK’s Information Commissioner’s Office (ICO) revealed that it suffered “one non-trivial data security incident which was treated as a self-reported breach.” The organization has since been criticized in British media for not being transparent about the breach, including telling the Times that it would have to fill out a Freedom of Information request and then claiming the breach was linked to a criminal investigation. The same annual report noted the increasing number of data breaches in the UK and asked for more government funding.

Catch of the Day – Like most people, if my data has been breached, I’d like to know as soon as possible. And I certainly wouldn’t want to find out about a breach three years later. That’s what happened to long-time users of Australia’s daily deals site, Catch of the Day, who found out last week that their passwords and credit card numbers had been stolen in a breach in 2011. On July 18, 2014, Catch of the Day released a statement saying the company had contacted members who had joined before May 7, 2011, recommending they change their passwords because of “an illegal cyber attack in early 2011.” Breach reporting often isn’t timely, but Forbes contributor Thomas Brewster points out that this might be one of the least timely breach reports to date, even though the Australian Federal Police was notified in 2011. So why did they wait until 2014 to inform their customers? Apparently, Catch of the Day decided that technology is now advanced enough that hackers might be able to decrypt the passwords. I’m guessing hackers could have figured out the passwords long before now. This is a good reminder of why it’s smart to change your passwords from time to time, even if you haven’t been told about a breach.

Dominion Resources – Approximately 17,000 Dominion Resources employees participating in a company wellness program became victims of a third-party vendor data breach, the Times Dispatch reported on Tuesday. Virginia-based Dominion used StayWell Health Management to run “Well on Your Way,” its employee wellness program. StayWell, in turn, subcontracted Onsite Health Diagnostics to run the signup system for screening appointments. On June 16, Onsite Health Diagnostics notified StayWell of a breach on March 25, in which a hacker gained access to names, phone numbers, gender and birth dates, and encrypted passwords of Dominion employees. A week later, StayWell notified Dominion, and it took until July 7th for Dominion to figure out who had been affected. The breach is under investigation, and Dominion is no longer using Onsite Health Diagnostics.

City of Encinitas – Data breach notification letters are sent out multiple times a week in California, but in an interesting twist, the city of Encinitas in California sent breach letters to living former and current employees as well as the beneficiaries of any deceased former employees. According to the letters, the Water District of the City of Encinitas and San Dieguito accidentally published social security numbers on the City’s website between May 13, 2014 and July 3, 2014, on a CalPERS payment document. Only 16 people had accessed the document during that time period, thankfully, but considering that the document contained employee information dating all the way back to 1986, those 16 people had access to a trove of social security numbers.

