Complete DHS Report for March 8, 2016
• The Metro Gold Line in Pasadena, California, reopened March 7 after a semi-truck traveling westbound on the 210 Freeway lost control and crashed on the tracks March 6, closing the tracks for about 24 hours. – San Francisco Bay City News
7. March 7, San Francisco Bay City News – (California) Metro Gold Line service resumes after fiery crash is cleared. Both sides of the Metro Gold Line in Pasadena, California, reopened March 7 after a semi-truck traveling westbound on the 210 Freeway lost control, crashed, and caught fire on the Metro’s tracks March 6, closing the tracks for about 24 hours. All lanes of the 210 Freeway reopened after closing for 12 hours and one person was sent to the hospital with minor injuries.
• 21st Century Oncology Holdings Inc., announced March 4 that the personal and medical information of 2.2 million patients may have been copied and transferred following an October 2015 breach of its computer network. – Reuters
18. March 4, Reuters – (National) 21st Century Oncology says investigating cyber breach. 21st Century Oncology Holdings Inc., announced March 4 that the personal and medical information of 2.2 million current and former patients may have been copied and transferred after the FBI notified the company of a potential October 2015 breach of its computer network. The investigation into the potential breach remains ongoing. Source: http://www.reuters.com/article/us-21stcenturyoncology-breach-idUSKCN0W629M
• At least seven schools in northern Virginia, an entire school district in Maine, and schools in New Jersey received bomb threats via robocalls March 4, prompting evacuations or lockdowns. – Washington Post
19. March 4, Washington Post – (Virginia; New Jersey; Maine) Telephone bomb threats prompt numerous school evacuations and lockdowns in Va., N.J. At least seven schools in northern Virginia, an entire school district in Augusta, Maine, and schools in a dozen districts in New Jersey received bomb threats via robocalls March 4, prompting evacuations or lockdowns. Police investigated and cleared the scene after nothing suspicious was found at any of the campuses. Source: https://www.washingtonpost.com/news/education/wp/2016/03/04/telephone-bomb-threats-prompt-numerous-school-evacuations-and-lockdowns/
• Seagate Technology reported that its employees’ personal information was compromised after a phishing email disguised as a legitimate internal company request prompted an employee to disclose employee data to an unauthorized third party. – CNBC. See item 20 below in the Information Technology Sector.
Financial Services Sector
6. March 5, Minneapolis Star Tribune – (Minnesota; Wisconsin) Stillwater investment adviser admits cheating clients out of $2.6M. A former investment adviser at Alternative Wealth Solutions pleaded guilty March 1 to Federal charges after he bilked approximately 50 investors in Minnesota and Wisconsin out of nearly $2.6 million and used the money to cover promised returns to other investors and for personal expenses. The adviser also admitted to creating counterfeit secured notes as proof of investment. Source: http://www.startribune.com/stillwater-investment-adviser-admits-cheating-clients-out-of-2-6m/370818241/#
Information Technology Sector
20. March 7, CNBC – (National) Scam artists hit Seagate Technology. Cupertino-based Seagate Technology reported that its current and former employees’ personal information, including tax information, Social Security numbers, and salaries, was compromised after a phishing email disguised as a legitimate internal company request prompted an employee to disclose employee data to an unauthorized third party. The company notified the U.S. Internal Revenue Service and is offering an identity-theft protection service to those affected. Source: http://www.cnbc.com/2016/03/07/seagate-technology-discloses-key-tax-data-of-us-employees.html
21. March 6, SecurityWeek – (International) Amazon changes stance on encryption for fire tablets. Amazon.com, Inc., reported March 5 that it will be returning its Kindle Fire devices to full disk encryption and will be releasing the security feature with a Fire operating system (OS) update. The company previously removed the enterprise features in 2015 due to low customer usage.
22. March 6, Softpedia – (International) First fully functional Mac ransomware spread via transmission BitTorrent client. Researchers from Palo Alto reported that the official Transmission BitTorrent Web site used by Mac customers was allegedly hacked after they found that the download for Mac version 2.90 on the Transmission Web site had been replaced with one that came embedded with the KeRanger ransomware. The ransomware targets over 300 file extension types, uses Advanced Encryption Standard (AES) encryption to lock files, and demands a 1 Bitcoin payment fee. Source: http://news.softpedia.com/news/first-fully-functional-mac-ransomware-spread-via-transmission-bittorrent-client-501411.shtml
23. March 5, Softpedia – (International) Popular WordPress plugin comes with a backdoor, steals site admin credentials. Security researchers from Sucuri discovered that an unknown attacker named wooranker was able to control WordPress user login, create and edit commands, and intercept user data before encryption, among other actions, by using a popular WordPress plugin, Custom Content Type Manager (CCTM). The attacker used the plugin to install an auto-update.php backdoor, forcing the target’s site to download and install another file named c.php, which would create wp-options.php to alter core WordPress files. Source: http://news.softpedia.com/news/popular-wordpress-plugin-comes-with-a-backdoor-steals-site-admin-credentials-501383.shtml
24. March 7, Reuters – (National) Verizon Wireless to pay $1.35 million fine to settle U.S. privacy probe. The U.S. Federal Communications Commission announced March 7 that Verizon Communications Inc., will pay a $1.35 million fine after the commission found that the company’s wireless unit violated the privacy of more than 100 million users by failing to disclose that it sent data about super cookies, unique, undeletable identifiers inserted into Web traffic to deliver targeted ads, from late 2012 through 2014. The company agreed to a three-year consent decree which requires consumers to opt in to allow their information to be shared outside Verizon Wireless. Source: http://www.reuters.com/article/us-verizon-fcc-settlement-idUSKCN0W91W7