BreachExchange mailing list archives
fringe: Hackers pluck 8, 300 customer logins from bank server
From: security curmudgeon <jericho () attrition org>
Date: Tue, 6 Apr 2010 00:18:17 +0000 (UTC)
[Presumably, if they logged into these accounts, information may have been disclosed. - jericho] http://www.theregister.co.uk/2010/01/12/bank_server_breached/ Hackers pluck 8,300 customer logins from bank server New variation on an old theme scheme By Dan Goodin in San Francisco . Get more from this author Posted in Crime, 12th January 2010 22:29 GMT Hackers have stolen the login credentials for more than 8,300 customers of small New York bank after breaching its security and accessing a server that hosted its online banking system. The intrusion at Suffolk County National Bank happened over a six-day period that started on November 18, according to a release (PDF) issued Monday. It was discovered on December 24 during an internal security review. In all, credentials for 8,378 online accounts were pilfered, a number that represents less than 10 percent of SCNB's total customer base. "Although the intrusion was limited in duration and scope, SCNB immediately isolated and rebuilt the compromised server and took other measures to ensure the security of data on the server," the bank, located about an hour east of New York City, stated. "To date, SCNB has found no evidence of any unauthorized access to online banking accounts, nor received any reports of unusual activity or reports of financial loss to its customers." The breach represents a variation on more traditional types of attacks on online banking. Cyber crooks typically target customers by surreptitiously planting malware on their computers that log their user name and password. The FBI estimates that online banking losses to small and medium-sized businesses alone have reached $100m. [..] _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- fringe: Hackers pluck 8, 300 customer logins from bank server security curmudgeon (Apr 06)