BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

[Dataloss] Virus causes data breach at state websites

From: Jake Kouns <jkouns () opensecurityfoundation org>
Date: Tue, 17 May 2011 17:03:44 -0400
http://www.boston.com/business/ticker/2011/05/virus_causes_da.html

Personal information about an unknown number of Massachusetts
residents may have been stolen from the Massachusetts Executive Office
of Labor and Workforce Development, after hundreds of the agency's
computers were infected with a computer worm.

"Unfortunately, like many government and non-government organizations
we were targeted by criminal hackers who penetrated our system with a
new strain of a virus," said Joanne F. Goldstein, the commonwealth's
secretary of labor and workforce development, in a statement released
this afternoon. "All steps possible are being taken to avoid any
future recurrence.”

About 1,500 computers in the departments of Unemployment Assistance
and Career Services and at the state's One Stop Career Centers were
infected with a computer virus called W32.QAKBOT, which is designed to
allow an attacker to take control of infected computers and to steal
information stored on the machines.

The agency first detected the presence of the virus on April 20, and
took immediate steps to disinfect its machines. But yesterday, the
agency said that the virus "was not remediated as originally believed
and that the persistence of the virus resulted in a data breach."
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/

_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/
Previous By Date Next
Previous By Thread Next

Current thread: