Monday, April 21, 2014




Complete DHS Report for April 21, 2014

Daily Report

Details

 • A power outage affected around 30,000 Matanuska Electric Associated customers April 17 between Glacier View and Wasilla, Alaska, after a tree fell on a transmission line, causing 9 substations to trip and go offline. – KTUU 2 Anchorage

1. April 17, KTUU 2 Anchorage – (Alaska) Power restored in MEA Mat-Su Valley outage. A power outage affected around 30,000 Matanuska Electric Associated customers April 17 between Glacier View and Wasilla after a tree fell onto a transmission line, causing power fluctuations that caused 9 substations to trip and go offline. All power was restored after around 2 hours. Source: http://www.ktuu.com/news/news/mea-reports-widespread-matsu-valley-outage/25542708

 • Craft retailer Michaels Stores confirmed April 17 that it was the victim of a data breach that may have exposed information on around 2.6 million payment cards used at Michaels and Aaron Brothers stores. – Reuters See item 5 below in the Financial Services Sector

 • The U.S. Securities and Exchange Commission (SEC) announced that it filed charges against the Massachusetts-based operators of TelexFree Inc., and TelexFree LLC for operating a $1.1 billion international pyramid scheme targeting Dominican and Brazilian immigrants. – U.S. Security and Exchange Commission See item 9 below in the Financial Services Sector

 • Authorities are investigating the cause of a fire at a Marathon County Highway Department building on State Highway 97 in Wisconsin April 18 that caused an estimated $1.5 million in damage. – WAOW 9 Wasau

10. April 18, WAOW 9 Wausau – (Wisconsin) Snow plows, loader destroyed in fire. Authorities are investigating the cause of a fire at a Marathon County Highway Department building on State Highway 97 in Wisconsin April 18 that caused an estimated $1.5 million in damage. Source: http://www.waow.com/story/25281576/2014/04/18/highway-department-facility-fire

Financial Services Sector

5. April 17, Reuters – (National) Retailer Michaels Stores confirms payment card data breach. Craft retailer Michaels Stores confirmed April 17 that it was the victim of a data breach that may have exposed information on around 2.6 million payment cards used at Michaels and Aaron Brothers stores. The breach was initially reported in January, and after investigation was found to have taken place between May 8, 2013 and January 27, 2014. Source: http://www.reuters.com/article/2014/04/17/us-michaelsstores-cybercrime-idUSBREA3G27N20140417

6. April 17, Reuters – (National) SEC’s information technology at risk of hacking: report. A report by the Government Accountability Office found that the U.S. Securities and Exchange Commission failed to take steps to protect its data networks from breaches, including failing to encrypt sensitive information and failing to physically secure some systems. Source: http://www.reuters.com/article/2014/04/17/us-sec-cybercrime-security-idUKBREA3G25720140417

7. April 17, Los Angeles Times – (California) Glendale resident found guilty of bank fraud, ID theft. Three men were found guilty April 17 for placing skimming devices at several 99 Cents Only stores in southern California, stealing payment card information from hundreds of customers and causing over $2 million in losses. Source: http://www.glendalenewspress.com/news/tn-gnp-glendale-resident-found-guilty-of-bank-fraud-id-theft-20140417,0,1230805.story

8. April 17, Minneapolis Star-Tribune – (Minnesota) Former Prior Lake investment adviser admits to defrauding investors of $6 million. A former Prior Lake investment advisor pleaded guilty April 17 to defrauding 13 investors of around $6 million in an investment fraud scheme by setting up fake accounts in their names and using the victims’ funds for personal expenses. Source: http://www.startribune.com/local/south/255675901.html?page=all&prepage=1

9. April 17, U.S. Securities and Exchange Commission – (International) SEC halts payment scheme targeting Dominican and Brazilian immigrants. The U.S. Securities and Exchange Commission (SEC) announced April 17 that it filed charges April 15 against the Massachusetts-based operators of TelexFree Inc., and TelexFree LLC for allegedly operating a $1.1 billion international pyramid scheme targeting mainly Dominican and Brazilian immigrants in the U.S. The SEC’s actions also include an asset freeze, approved April 16, that secured several million dollars in funds. Source: http://www.sec.gov/litigation/litreleases/2014/lr22974.htm

For another story, see item 19 below from the Healthcare and Public Health Sector

19. April 17, Pittsburgh Post-Gazette – (Pennsylvania) UPMC data breach may affect as many as 27,000 employees. The University of Pittsburgh Medical Center (UPMC) reported April 17 that as many as 27,000 employees may have had their personal information exposed in a February data breach, with at least 788 employees becoming victims of tax fraud since the breach was discovered. UPMC assured their patients that none of their information was breached. Source: http://www.post-gazette.com/business/finance/2014/04/17/UPMC-data-breach-may-affect-as-many-as-27-000-employees/stories/201404170277

Information Technology Sector

26. April 18, Softpedia – (International) Cybercriminals can hijack Steam accounts with Steam Guard enabled. Researchers at Malwarebytes found that attackers have been able to compromise Steam accounts with the Steam Guard verification service enabled by using phishing pages that ask users to upload the .ssfn file from their Steam folder, allowing the Steam Guard security feature to be bypassed. Source: http://news.softpedia.com/news/Cybercriminals-Can-Hijack-Steam-Accounts-with-Steam-Guard-Enabled-438488.shtml

27. April 18, Softpedia – (International) Trojan-SMS.AndroidOS.Stealer.a is one of the most widespread mobile trojans. Kaspersky Labs researchers found that the Trojan-SMS.AndroidOS.Stealer.a trojan accounted for almost a quarter of attempted infections of Android devices running the company’s security software during the first quarter of 2014, with the highest amount of infections found in Russia. The trojan is capable of opening Web pages, sending SMS messages, installing applications, and other functions. Source: http://news.softpedia.com/news/Trojan-SMS-AndroidOS-Stealer-a-Is-One-of-the-Most-Widespread-Mobile-Trojans-438270.shtml

28. April 17, Charleston Post and Courier – (South Carolina) Bomb threat reported at Google Data Center in Berkeley County. The Google Data Center in Berkeley County, South Carolina, was evacuated for several hours April 17 after a bomb threat was found in a note left at the facility. Workers were allowed to return after police cleared the building. Source: http://www.postandcourier.com/article/20140417/PC16/140419407/1005/

Communications Sector

See item 25 below from the Emergency Services Sector

25. April 17, WKBT 8 La Crosse – (Wisconsin) Temporary 911 communication outage reported in Monroe County. A failure in CenturyLink equipment caused by a lightning strike April 13 led to an outage that affected 9-1-1 calls in Monroe County, Wisconsin, for around 45 minutes April 17, prompting an alert from the Monroe County 9-1-1 Communications Center. All affected equipment was expected to be returned to service by the April 19-20 weekend. Source: http://www.news8000.com/news/temporary-911-communication-outage-reported-in-monroe-county/25533