Tag Archive for: they’ve

Hackers say they’ve published data stolen from St. Louis’ Metro Transit

/in


ST. LOUIS — An anonymous hacker group says it has published data it stole from a regional transportation agency here.

It was not immediately clear what data was published or whether it included sensitive personal information. The hackers earlier this week demanded a ransom be paid or they would release stolen information from the regional transportation system Metro Transit, including passports, Social Security numbers and tax information.

Taulby Roach, the CEO and president of Bi-State Development, which operates Metro Transit, said Thursday the agency did not pay the ransom but did not release more details about the demand.

A union that represents many of Metro Transit’s 1,800 employees said no employees have reported instances of identity theft or other malicious activity stemming from the hack.

Roach said no customer data was stolen, and any impacted employees will be notified.

People are also reading…

Employees were told of the data breach earlier this week and offered free credit monitoring through TransUnion, a credit reporting agency.

“We are unaware of any instances where sensitive employee information has been used maliciously,” Roach said in a statement. “However, we encouraged employees to register as soon as possible for the free credit monitoring services and heightened vigilance by our employees for suspicious links or suspicious credit activity.

Brett Callow, an analyst with the New Zealand-based cybersecurity firm Emsisoft, shared a screenshot with the Post-Dispatch that showed files containing what the hackers claimed late Wednesday was stolen Metro data.

Callow said it’s impossible to know exactly what’s in the files without downloading and viewing them, which he said he wouldn’t do because he sees it as an invasion of privacy.

The screenshot was published on an unregulated part of the internet called the dark web, which hackers often use to publish ransom threats and…

Source…

Ho-Chunk say they’ve engaged security experts to probe Dells casino computer system failure | Local News

/in


The Ho-Chunk Nation said Thursday that it has engaged cyber security experts to investigate an “incident” that affected the tribe’s computer systems last month, leading to a four-day shutdown of its Wisconsin Dells casino.

Still unclear is whether the incident constituted a hack and whether any customers of the tribe’s Dells casino and other businesses had their personal data exposed.

Ho-Chunk Gaming in Wisconsin Dells reopened at 1 p.m. Aug. 30 after announcing the “major computer systems failure” on its Facebook page the morning of Aug. 26. While the property’s hotel and RV park remained open, all gaming, ATM service, restaurants and other amenities were completely or partially shut down.

The tribe said nothing else about the incident until Thursday afternoon, when it released a statement saying cybersecurity experts had been hired and that “to date, the investigation found no evidence that any tribal member’s personal information is at risk because of this incident.”

“No one specific individual was targeted, and our investigation found no evidence that personal or tribal information was taken by an unauthorized person,” the statement said.

Tribe spokesperson Ken Luchterhand said he didn’t know whether the systems failure was the result of a hacking or whether the personal information of gamblers or other of the tribe’s customers might have been exposed. He referred questions from the Wisconsin State Journal to the tribe’s attorney general, Scott Seifert, whose office referred the newspaper back to Luchterhand, who had not returned another call for comment.

Source…

NYPD can’t count cash they’ve seized because it would crash computers

/in

(credit: See-ming Lee)

The New York City Police Department takes in millions of dollars in cash each year as evidence, often keeping the money through a procedure called civil forfeiture. But as New York City lawmakers pressed for greater transparency into how much was being seized and from whom, a department official claimed providing that information would be nearly impossible—because querying the 4-year old computer system that tracks evidence and property for the data would “lead to system crashes.”

The system, the Property and Evidence Tracking System (PETS), was built on top of SAP’s enterprise resource planning software platform and IBM’s DB2 database by Capgemini in 2012, and was used as a flagship case study by the company. PETS replaced the long-established paper-based evidence logging system used by the department, and was supposed to revolutionize evidence and property tracking. It was even submitted for the 2012 Computerworld Honors, an awards program honoring “those who use Information Technology to benefit society.”

Even with the system, however, the NYPD’s Assistant Deputy Commissioner Robert Messner told the New York City Council’s Public Safety Committee that the department had no idea how much money it took in as evidence, nor did it have a way of reporting how much was seized through civil forfeiture proceedings—where property and money is taken from people suspected of involvement in a crime through a civil filing, and the individuals whom it is seized from are put in the position of proving that the property was not involved in the crime of which they were accused.

Read 3 remaining paragraphs | Comments

Technology Lab – Ars Technica

Researchers claim they’ve developed a better, faster Tor

/in

Tor, the world’s largest and most well-known “onion router” network, offers a degree of anonymity that has made it a popular tool of journalists, dissidents, and everyday Internet users who are trying to avoid government or corporate censorship (as well as Internet drug lords and child pornographers). But one thing that it doesn’t offer is speed—its complex encrypted “circuits” bring Web browsing and other tasks to a crawl. That means that users seeking to move larger amounts of data have had to rely on virtual private networks—which while they are anonymous, are much less protected than Tor (since VPN providers—and anyone who has access to their logs—can see who users are).

A group of researchers—Chen Chen, Daniele Enrico Asoni, David Barrera, and Adrian Perrig of the Swiss Federal Institute of Technology (ETH) in Zürich and George Danezis of University College London—may have found a new balance between privacy and performance. In a paper published this week, the group described an anonymizing network called HORNET (High-speed Onion Routing at the NETwork layer), an onion-routing network that could become the next generation of Tor. According to the researchers, HORNET moves anonymized Internet traffic at speeds of up to 93 gigabits per second. And because it sheds parts of Tor’s network routing management, it can be scaled to support large numbers of users with minimal overhead, they claim.

Like Tor, HORNET encrypts encapsulated network requests in “onions”—with each layer being decrypted by each node passing the traffic along to retrieve instructions on where to next send the data. But HORNET uses two different onion protocols for protecting anonymity of requests to the open internet and a modified version of Tor’s “rendezvous point” negotiation for communication with a site concealed within the HORNET network.

Read 6 remaining paragraphs | Comments


Ars Technica » Technology Lab