BreachExchange mailing list archives
SEC left stocks data vulnerable to hackers: Report
From: security curmudgeon <jericho () attrition org>
Date: Sat, 10 Nov 2012 22:11:55 -0600 (CST)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://www.cbsnews.com/8301-205_162-57547502/sec-left-stocks-data-vulnerable-to-hackers-report/ CBS News November 9, 2012 WASHINGTON -- Securities and Exchange Commission staffers left highly-sensitive information from stock exchanges open to hacking and cyber-attacks because they didn't adequately protect the security of some computers and other electronic devices, according to Reuters, citing people familiar with what happened. The new agency's sources added that there were no signs that any hacking or spying occurred. The devices "belonged to a handful of employees in an office within the SEC's Trading and Markets Division. That office is responsible for making sure exchanges follow certain guidelines to protect the markets from potential cyber threats and systems problems," Reuters says. Some of them even brought the devices to a Black Hat conference, where experts get together to talk about the latest trends in hacking. It wasn't clear why the staffers did that, Reuters says. The lapses are spelled out in a report that SEC Interim Inspector General Jon Rymer hasn't released yet, Reuters reports. [...] _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- SEC left stocks data vulnerable to hackers: Report security curmudgeon (Nov 12)