Sunday, April 30, 2006

Data Breaches - As Common As the HouseFly

Via Zone-H.org -

In a security incident with a Slovak National Security Office server, a great amount of data has been downloaded by crackers, as Slovak community website (www.blackhole.sk) informed on April 25th.

Crackers got access to and downloaded "20 gigabytes of emails, internal documents, directives etc.." as described probably by the authors of these attacks, crackers got access thanks to weak security, specifically the intruders tried a common account name "nbusr" followed by password nbusr123 guessing it at the first attempt.

See the full article above for more details. They even su'd with no password.

-------------------------------

Via FCW.com -

The Defense Department announced April 28 that someone broke into a Tricare Management Activity (TMA) public server and gained access to information. The compromised information included personal information about military employees, DOD officials said.

“As a result of this incident, we immediately implemented enhanced security controls throughout the network and installed additional monitoring tools to improve security of existing networks and data files,” said William Winkenwerder Jr., assistant secretary of defense for health affairs. “Such incidents are reprehensible, and we deeply regret the inconvenience this may cause the people we serve.”

Investigators do not know the motive for the crime or whether the information has been misused. The Defense Criminal Investigative Service is participating in an investigation. DOD sent letters to employees who were affected by the intrusion to inform them of potential identity theft.

Tricare is DOD's Military Health System, which provides health care for members of the uniformed services and their families and for retirees. TMA oversees Tricare activities.

No comments:

Post a Comment