County computer security breach traced to Europe

[Erica Absetz <erica () riskbasedsecurity com>]

http://globegazette.com/news/local/county-computer-security-breach-traced-to-europe/article_705bb77e-ac86-11e2-a767-001a4bcf887a.html

MASON CITY — Cerro Gordo County supervisors learned Tuesday a security
breach of the county computer system was caused by someone with a
European IP address.

County Treasurer Pat Wright said the breach appears to have affected
just one county computer, which was targeted by the hacker.

“It was a one-in-a-million hit,” said Wright.

The incident occurred in February and was first thought to have
originated with Shazam, a financial clearinghouse used by the county
and other governments for transactions involving millions of dollars.

No theft occurred but county officials said it was possible the hacker
gained access to county employees’ personal information since many
have their paychecks direct-deposited.

The county hired McGladrey & Pullen to perform a review analysis and
forensic services on an additional county computer and will continue
to monitor the county network, said Wright.

“We’ve been told our firewall was effective and we will continue to
review our security measures,” she said.

Wright said the FBI has possession of the computer but declined any
further comment so as not to hinder an ongoing investigation.

She said the county is working with McGladrey and various authorities
to make sure no further problems occur.

After the breach was discovered, the county also hired TrustedID of
Palo Alto, Calif., to help individual employees guard against possible
identity theft.

The county is picking up the cost, which is $93.75 per employee.

County Administrative Officer Tom Drzycimski told supervisors Tuesday
62 employees have signed up, about one-fourth of the work force.
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.