Complete DHS Report for December 16, 2016
Daily Report
Top Stories
• The former president of the Bank of Union (BOU) in El Reno,
Oklahoma, was charged December 13 after he and 4 co-conspirators allegedly
caused the bank over $100,000,000 in losses. – U.S. Attorney’s Office,
Western District of Oklahoma See item 2 below in the Financial Services Sector
• Federal officials approved December 13 a guilty plea and an
$11.2 million settlement with a ConAgra Foods, Inc. subsidiary to resolve an
investigation into a 2006 Salmonella outbreak linked to the firm’s Peter Pan
peanut butter that sickened at least 625 people in 47 States. – Associated
Press
11. December 13,
Associated Press – (National) ConAgra to pay $11.2M to settle tainted
peanut butter case. The U.S. Department of Justice approved December 13 a
guilty plea and an $11.2 million settlement with a ConAgra Foods, Inc.
subsidiary to resolve an investigation into a 2006 Salmonella outbreak linked
to the firm’s contaminated Peter Pan peanut butter that sickened at least 625
people in 47 States. Source: http://www.cbs8.com/story/34037383/conagra-to-pay-112m-to-settle-tainted-peanut-butter-case
• About 200,000 gallons of untreated wastewater spilled into Bear
Creek in Mocksville, North Carolina, December 13 due to a force main break. – Salisbury
Post
14. December 14,
Salisbury Post – (North Carolina) 200,000 gallons of wastewater spills
into Mocksville’s Bear Creek. A force main break near a tributary of Bear
Creek in Mocksville, North Carolina, caused an estimated 200,000 gallons of
untreated wastewater to spill into the creek in the South Yadkin River Basin
December 13. Officials stated the force main break occurred after friction from
rocks caused a pipe to fail. Source: http://www.salisburypost.com/2016/12/14/200000-gallons-wastewater-spills-mocksvilles-bear-creek/
• Yahoo Inc. reported
December 14 that the data associated with more than 1 billion user accounts may
have been compromised in an August 2013 breach. – SecurityWeek See
item 20 below in the Information
Technology Sector
Financial Services Sector
2. December 14, U.S.
Attorney’s Office, Western District of Oklahoma – (Oklahoma) Former bank
president indicted in connection with $100,000,000 bank failure. The former
president of the Bank of Union (BOU) in El Reno, Oklahoma, was charged December
13 after he and 4 co-conspirators allegedly defrauded BOU by issuing loans with
under secured or unsecured collateral and falsifying financial statements for
several bank borrowers, concealing the bank’s true financial condition from the
Board of Directors and the Federal Deposit Insurance Corporation (FDIC), and
originating nominee loans to circumvent the bank’s legal lending limit, among
other fraudulent actions, from 2009 – 2013, which caused the bank more than
$100,000,000 in losses. In January 2014, State banking regulators closed BOU
due to the losses it incurred as a result of the scheme.
Source:
https://www.justice.gov/usao-wdok/pr/former-bank-president-indicted-connection-100000000-bank-failure
Information Technology Sector
19. December 14,
SecurityWeek – (International) SAP resolves multiple information
disclosure flaws. SAP released its December 2016 security patches, which
feature 20 Patch Day Security Notes and updates for 2 previously released notes
to resolve a total of 31 vulnerabilities affecting several SAP products,
including an information disclosure flaw in SAP Business Objects Explorer which
could be leveraged to reveal additional information such as system data or
debugging information, among other patched flaws. The updates also resolve
three flaws in 2 SAP for Defense Forces & Public Security components that
could allow an attacker to read, alter, or delete restricted data.
20. December 14,
SecurityWeek – (International) Yahoo says newly discovered hack hit 1
billion accounts. Yahoo Inc. reported December 14 that the data associated
with more than 1 billion user accounts may have been compromised in an August
2013 breach after attackers reportedly accessed the company’s proprietary code
to learn how to forge cookies. Yahoo officials claimed the breach was conducted
by a State sponsored actor and the breach remains under investigation. Source: http://www.securityweek.com/yahoo-says-newly-discovered-hack-hit-1-billion-accounts
21. December 14, Agence
France-Presse – (International) Ashley Madison dating site to pay $1.6
million over breach. Ruby Corp., the parent company of the Ashley Madison
discrete dating Website, agreed December 14 to pay a $1.6 million penalty to
settle charges with the U.S. Federal Trade Commission and State regulators
after a hacker group released the data of 36 million users of the Website in 46
countries in 2015. The settlement requires Ashley Madison to implement a wide
range of data security practice to better protect its users’ personal
information from malicious actors in the future. Source: http://www.securityweek.com/ashley-madison-dating-site-pay-16-million-over-breach
Communications Sector
Nothing to report