Jan 15

Monday Morning News Kick Off: Facebook Enables ‘One-Click’ Identity Theft; ‘Call of Duty’ Gamers Hack Medical Server (For Real); World Cup Data Safe

Theft Protection No Comments »

Welcome to the Monday Morning News Kick Off post from the ITAC blog. In honor of Martin Luther King, Jr. Day, we are doing a “light” post today on all current identity theft, data breach and cyber security news (all in one convenient spot). For those of us who are not working today, we hope you can take a moment to remember what this day is really all about — honoring an individual who has played a major role in promoting racial equality in the United States.

Facebook Enables One-Click Identity Theft Option for Rogue Application Developers In a move that could herald a new level of danger for Facebook users, third party application developers are now able to access your home address and mobile phone number. Facebook has announced that developers of Facebook apps can now gather the personal contact information from their users. I realize that Facebook users will only have their personal information accessed if they “allow” the app to do so, but there are just too many attacks happening on a daily basis which trick users into doing precisely this. Facebook is already plagued by rogue applications that post spam links to users’ walls, and point users to survey scams that earn them commission – and even sometimes trick users into handing over their cellphone numbers to sign them up for a premium rate service.

‘Call of Duty’ Gamers Hack Medical Server Nothing, not even the law, is going to stop gamers from playing “Call of Duty.” On Tuesday, Seacoast Radiology in Rochester, N.H. notified all potentially affected patients that its server had been hacked in November, exposing the names, dates of birth, addresses, Social Security numbers and medical procedure codes of 231,400 people. But unlike most cyberattacks, the hackers in this case weren’t interested in identity theft. Their goal? They wanted to play ” Call of Duty: Black Ops,” and they needed a powerful server to host their session. On Nov. 12 at 2:00 a.m. — only three days after the video game went on sale — the hackers hijacked Seacoast’s server, staying for a total of 4-1/2 hours, Don Wood, Seacoast Radiology’s business manager, told SecurityNewsDaily.

Skimming Fight: New Tech a Must Card fraud will increase in 2011, says Avivah Litan, Gartner Research vice president and distinguished analyst. Skimming attacks will be more sophisticated and globally coordinated. “Flash attacks,” which rely on coordinated, often international, efforts to simultaneously withdraw funds from multiple ATMs, are just the beginning. Add the increasing sophistication of the technology used by fraudsters, including Bluetooth and other wireless communications for the transmission of stolen cardholder data, and it’s clear banking institutions, merchants and the card networks have an uphill battle ahead of them. That’s not to say the battle can’t be won, Litan says. It just means the fight will require new techniques and different perspectives. “There is more discussion now than ever about stronger cardholder authentication, which means even if the data is skimmed at a point of sale or at a gas pump, it can’t be used without the physical card in the person’s hand,” she say. “It used to be, on debit, that the bank had enough authentication with just the PIN. Now, all of that is being broken by the latest trend of attacks, so banks are getting much smarter in the way they are approaching fraud detection and the systems are getting more sophisticated.”

Fans’ Data Deemed Safe After Reported World Cup Breach UK football fans are in the clear after a World Cup football ticket data breach scare broke last year. Following reports in Norway that the UK could be a source of a leaked database of personal details on 250,000 football fans, the UK Information Commissioner’s Office (ICO) investigated. It was reported the database contained details of those fans internationally who had purchased tickets for football matches for the 2006 FIFA World Cup in Germany. The database was believed to have been unlawfully sold on the black market, following allegations made in the Norwegian newspaper “Dagbladet”. The newspaper alleged that personal information, including the passport details of 35,689 ticket purchasers from the UK, were included on a database that had been sold to an organisation in Norway.

Recent Data Breach at the Pentagon Federal Credit Union Last month, the Pentagon Federal Credit Union (PenFed) discovered that a laptop infected with malware was used to access a database that contained customers’ personal and financial information, including Social Security numbers and credit card numbers. PenFed says it has identified the source and taken steps to prevent future occurrences. If you were one of the debit or credit customers affected by the data breach, then you received a new card. SecurityNewsDaily reports that Roderick Mitchell, PenFed’s executive vice president of operations, mailed a letter to customers and wrote, “We have no indication that your information has been misused.” Mitchell also stressed that no PINs or passwords were accessed in the incident. But if you’re a PenFed customer – even if you didn’t receive a new debit or credit card – it’s a good idea to watch your accounts to make sure your data is safe. The PenFed Premium Travel Rewards American Express Card was recently included in our roundup of airline and travel rewards cards.

NSA App to Help Recruit Cyber Experts Looking for a job? There’s and app for that. The National Security Agency has unveiled two smartphone applications to help the NSA recruit cybersecurity experts. The NSA app — Career Links — is available through iTunes and delivers real-time agency updates like employment opportunities to iPhone and Droid users. GovInfoSecurity reports that NSA is also employing smartphones’ tagging abilities on many of its print-based recruitment advertisements. This means future recruits can use their phones to scan these tags which will launch a video related to the advertisement’s content. Check out more from FedNewsRadio here.

Similar Posts:

Share

Leave a Reply