BreachExchange mailing list archives
SCNB hit by breach – over 8,000 clear text credentials stolen
From: Jake Kouns <jkouns () opensecurityfoundation org>
Date: Sat, 16 Jan 2010 18:24:42 -0500
http://www.thetechherald.com/article.php/201002/5090/SCNB-hit-by-breach-–-over-8-000-clear-text-credentials-stolen

'Twas the night before Christmas, when Suffolk Bancorp said an internal audit by Suffolk County National Bank (SCNB) discovered that over 8,000 customer online banking credentials were snatched from a server where they resided in plain text.

Suffolk Bancorp said that the 8,378 records accounted for less than ten percent of their customer base at SCNB, but failed to explain the reasoning for leaving such information on a server in the clear.

After the attack was discovered, the servers used by SCNB were rebuilt and various other security measures were put in place. In addition, all SCNB customers should have a letter from Suffolk Bancorp explaining the incident, a statement said, as they went out

According to Amichai Shulman, Imperva’s CTO, what is amazing about the case is not just the fact that the bank has taken until earlier this week to reveal that around 10 percent of its customers' credentials were compromised, but that the data was stored as plain text.

“What I find astonishing about this hack is that you would think that a banking application would undergo much more stress testing than most and, as a result, the storage of user credentials in plain text would have been spotted and remediated early on in the system development process,” Shulman said.

“Although the full modus operandi for this banking hack has yet to be revealed, but given that the server was accessed and 8,378 credentials were stolen, I would assume the attacker gained access using an SQL injection approach,” he added.

Neither SCNB, nor their parent Suffolk Bancorp, would discuss the technical aspects of the breach, which occurred over a six-day period from November 18-23. They said in a statement that they have detected no unauthorized use of the stolen credentials since the attack.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/