funsec mailing list archives

South Carolina Taxpayer Data Breach Report Shows Protections Inadequate, Attorney Says


From: Jeffrey Walton <noloader () gmail com>
Date: Wed, 5 Dec 2012 17:53:36 -0500

Interesting facts from this breach. I suppose it's because a state was
involved, and not a corporation that could bury the facts and then
claim an "APT" got them.

Disappointing statements: "[South Carolina] were IRS-compliant" and
"Governor Calls on IRS to Require Encryption."

http://www.bna.com/south-carolina-taxpayer-n17179871241/

A recently released report analyzing a cyber-attack on the South
Carolina Department of Revenue's database demonstrates the inadequacy
of taxpayer protection efforts by state agencies and officials, a
lawyer who filed a lawsuit over the issue told BNA Nov. 26.
...

According to Mandiant's report, released Nov. 20, the attack appeared
to have begun through a phishing email sent to multiple Department of
Revenue employees. At least one agency employee clicked on a link
embedded in the email, which likely executed malware that stole the
worker's user name and password, the company said in its report.

Those credentials were later used to access other agency systems and
databases and install malicious software. A total of 44 systems were
compromised by the attacker, and at least 33 pieces of malicious
software and utilities were used to perform the attack and steal data,
the report found.
...

According to Haley, the investigation determined that the Social
Security information of 3.8 million taxpayers, information belonging
to 699,900 businesses, 3.3 million bank accounts, and 5,000 credit
cards were compromised through the attack. The attack only impacted
filers of electronic returns, and all affected taxpayers have been
identified and will be notified, the governor said.

Haley said the state's use of “1970 equipment, combined with the fact
that we were IRS-compliant” was “a cocktail for an attack.” According
to the governor, “every state needs to be looking at this.”
...
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.