Department of Homeland Security Daily Open Source Infrastructure Report

Wednesday, April 15, 2009

Complete DHS Daily Report for April 15, 2009

Daily Report

Top Stories

 KVIA 7 El Paso reports that almost 500 gallons of a hydrochloric acid-based solution were spilled from a large tank inside a chemical warehouse in El Paso, Texas on Monday. Hazardous material crews and firefighters spent over six hours on Monday at the scene. (See item 6)

6. April 13, KVIA 7 El Paso – (Texas) Nearly 500 gallons of hydrochloric acid spilled at Westside warehouse. Hazardous material crews and firefighters spent over six hours on April 13 at the scene of a large chemical spill on the Westside. Almost 500 gallons of a hydrochloric acid-based solution were spilled inside the Chemical warehouse at 4731 Ripley near Doniphan in the Upper Valley about 9:30 a.m., an El Paso Fire Department spokesman said. The product is used to clean the outside of cement trucks, he said. The chemical was spilled from a large tank and firefighters believe a faulty valve was to blame. Two employees were exposed to the acid, which is corrosive and irritating to the skin, eyes and respiratory system. 50-100 gallons of the acid went down drains before an emergency shutoff valve was activated, but crews were able to prevent more from going down the drains. Hazardous material crews were working on neutralizing the acid. If the chemicals went down into the water system, it would be down a sewer drain and the chemicals would not affect the drinking supply, according to a spokesperson of El Paso Water Utilities. Source:

 According to the Associated Press, all residents of Ridgefield, New Jersey were being told to boil their water after a main break that caused major disruptions in the community on Monday. A Public Service Enterprise Group spokeswoman said as many as 80 customers lost natural gas service when the water main break caused a gas line to break. (See item 28)

28. April 13, Associated Press – (New Jersey) NJ water main break forces evacuations. All residents of Ridgefield were being told to boil their water after a main break that caused major disruptions in the community on the morning of Monday, April 13. Bergen Now reported that more than 30 Ridgefield families were evacuated from their homes, and thousands of residents have little or no water pressure, as a result of the break in the 36-inch water main. A Ridgefield police captain said several homes were evacuated around 6 a.m. as water gushed down a hill, flooding three city blocks. But several residents had returned home by that evening. A Public Service Enterprise Group spokeswoman said as many as 80 customers lost natural gas service when the water main break caused a gas line to break. But all were expected to have service restored by late Monday night. A United Water spokesman said the break caused decreased water pressure for thousands of customers in Ridgefield, Palisades Park and Fairview. Pressure was restored for most customers around 8 a.m., but the boil water directive would remain in effect as a precaution. Source: See also:


Banking and Finance Sector

12. April 14, Kenosha News – (Wisconsin) Local banks victims of data breach. Customers at Southport Bank in Kenosha were victims recently to a data breach at a company that processes debit and credit card transactions for national retailers. In January, Heartland Payment Systems announced a data breach. Since then, customers of more than 600 banks around the country have been victims of debit card fraud, with thieves using data stolen during the Heartland breach. Recently, Southport learned 78 customers had been hit by debit card theft, with the thieves using fraudulently produced duplicate cards to make purchases. The bank said that customers, including several Southport Bank employees, began noticing irregular transactions on their accounts April 8. Other local banks also have been affected, including Bank of Kenosha. The Southport senior vice president, who said his own personal account was one of those breached, said the bank moved to shut down the fraud, issuing new cards to customers believed vulnerable and placing a $100 limit on signature-only uses of debit cards that do not require customers to provide a personal identification number. Before the bank was alerted to the scam, the identity thieves made $31,000 in purchases with the cards. Southport Bank is covering those losses; bank customers are not liable for the charges. Source:

13. April 14, Los Angeles Times – (California) Investment firm targeted Latinos in Ponzi scheme, SEC alleges. The Securities and Exchange Commission filed a lawsuit April 13 against an El Segundo investment firm, accusing its owner of operating a $23-million Ponzi scheme that targeted Latino investors from seven states. The defendant and her company, Maximum Return Investments Inc., attracted about 150 investors from 2006 to 2008 by offering returns of 25 percent a month, the lawsuit alleged. Instead of profiting in real estate, banking, and oil, silver and gold exploration as she promised, the defendant used money from new investors to make “interest” payments to old investors, the lawsuit said. The lawsuit accused the defendant of diverting $3.5 million for personal use. The lawsuit, which seeks restitution and penalties from the defendant, was filed at the federal courthouse in Los Angeles. Source:,0,1970546.story

14. April 13, WTAE 4 Pittsburgh – (Pennsylvania) Fake Citizens Bank text is scam. Both Citizens Bank customers and non-customers in Pittsburgh have been reporting getting strange text messages on their phones. The text, which is a fake, says that someone has gained unauthorized access to a person’s Citizens Bank account. It also gives a phone number to call for help. The problems could start for real if the phone number is called because it goes to someone else, not the bank, who will try to get the victim’s information. One person e-mailed to say that a business bank account at Citizens was on hold due to suspicious activity after he called the number in the scam text message. Anyone who gets the text should just disregard the message and delete it, and they can also report it to their cell phone company, if they wish. Bank customers should never respond to e-mails or texts asking for account information, because Citizens Bank said it never sends messages about account problems by e-mail or text message. Source:

15. April 13, New York Times – (National) MetLife opts to forgo TARP cash. MetLife said on April 13 that it would not participate in the government’s program to provide emergency funds for troubled assets. The insurance company pointed to other steps it had taken in recent months to build up its capital position, and said it decided that it did not need to take money from the Troubled Asset Relief Program as well. In March, MetLife took advantage of a separate federal program, operated by the Federal Deposit Insurance Corporation, to raise about $397 million for general corporate purposes through a sale of floating-rate notes. Under the program, the FDIC guaranteed the notes, allowing MetLife to borrow at a lower rate than it could have on its own. MetLife was eligible for the FDIC program because it owns a bank and is regulated by the Federal Reserve. MetLife also sold $2.3 billion of stock last fall to replenish its capital and remarketed more than $1 billion of debt earlier this year. In a statement, MetLife’s chief executive said the company now had “approximately $5 billion in excess capital” and did not need TARP money, “although a number of economic challenges remain.” Two other life insurance companies have also recently found themselves out of the running for TARP money, despite having submitted applications last fall. Both had been trying to buy federally chartered financial institutions to meet a condition the Treasury set under the former Secretary. The Protective Life Corporation, an insurer in Birmingham, Alabama, said it had terminated its efforts to acquire the Bank of Bonifay, a federally chartered institution, at the end of March. Protective Life said it had waited in vain until then for news about its application. The Bank of Bonifay had decided that because of the uncertainty, calling off the deal “was in its best interest.” Genworth Financial, a life insurer and mortgage guarantor in Richmond, Virginia, dropped its application for TARP money last week after the U.S. Presidential Administration confirmed that insurers would have to have federally chartered affiliates to qualify for the TARP. Source:

16. April 13, Northern Colorado 5 – (Colorado) Failed bank re-opens under FDIC control. What was once known as New Frontier Bank is now called the Deposit Insurance National Bank. That after the Colorado State Banking Commission closed it down on April 10. On April 13 the FDIC re-opened it so that customers are able to close out their accounts and move their money to another bank, according to a FDIC spokesman. The spokesman says banking activities, such as direct deposit and writing checks, ATM and debit cards, will continue normally for former customers of New Frontier during the 30-day transition period. The spokesman also says it is also important to note that New Frontier official checks will continue to clear and will be issued to customers closing accounts. The bank parking lot was at capacity Monday morning including surrounding areas for at least two blocks. Additional staff were assisting drive through customers informing them that the bank will close. Source:

Information Technology

39. April 14, PC World – (International) Trend Micro dishes out security smorgasbord. Trend Micro on April 13 dished out a smorgasbord of endpoint security products that put the focus on Trend’s cloud-based architecture and its partnership with systems-management vendor BigFix. The Trend Micro Endpoint Security Platform is the firm’s entry in the growing battle to win corporate customers that want combined security and systems management in one suite. The Endpoint Security Platform package is basically a re-branding of the BigFix Unified Management System for endpoint, security configuration and vulnerability management, with specialized modules for functions such as antimalware or data-leak protection. These Windows-based security software modules, the majority of which are available now, work as add-ons to the systems management desktop agent that is part of the Endpoint Security Platform, priced at about US$26 per user. Trend Micro and BigFix are jointly marketing them. The Core Protection Module is similar to Trend Micro’s OfficeScan antimalware software, says the vice president of marketing. He adds part of the strategy around the software modules is to give BigFix customers using a competitors’ antimalware software a chance to try Trend Micro and simply turn on the Core Protection Module to make the switch. The Web Protection Module is an add-on to gain Trend’s Web-based Reputation Services Protection and the Patch Management Module is basically a re-branding of the BigFix systems and security agent for Windows, Apple, Linux and Unix. The fourth module, expected out in June, is the Data Leakage Protection Module based on desktop data-loss prevention technology Trend acquired in its acquisition of start-up Provilla in late 2007. Source:

Communications Sector

40. April 14, Kansas City Star – (California) Sprint hit in West Coast telecom attack. Sprint Nextel was victimized in the recent West Coast attack by the telecom terrorists. The culprits who snipped AT&T fiber-optic cables at several locations in California on April 9 also damaged equipment belonging to Sprint Nextel, a spokeswoman confirmed. “In the location the fiber was cut, our fiber was interwoven with AT&T’s fiber,” said a Sprint spokeswoman. “I don’t think we were the target of whatever this incident was, but we happened to be one of the victims.” The damaged Sprint cable affected the company’s wireline IP network used by business customers for running such things as ATM machines and other electronic systems. Sprint quickly rerouted traffic to limit the impact on business customers. Sprint wireless customers, however, were affected for much of the day because in that area, the company relies on AT&T for the so-called “backhaul” required to handle call traffic, the spokeswoman said. Source: