Happy Friday to all. Welcome to another edition of our Weekly News Roundup.
Dennis Fisher of Threat Post reports on a breach of the Medicaid and Child Health Insurance Plan in Utah which lead to the leakage of personal information, including Social Security numbers of 181,000 individuals. The intrusion occurred after the Utah Department of Technology Services was compromised by hackers who were able to steal 24,000 files. The attackers were able to gain access to the system by exploiting an error in the authentication system on one of the servers.
On a lighter note, Bill Brenner authored a blog on the CSO Magazine site retelling his first hand experience in falling for the classic "Hello somebody is saying very bad rumors about you...” social engineering trick, which resulted in his Twitter account being hacked and used for spam. “Go ahead and have a good laugh at my expense. I deserve it,” he concludes.
Earlier this week, Lucian Constantin of the IDG News Service reported that Sophos took their partner portal offline and reset all user passwords after signals that a security breach had occurred in the server that hosted it. During a security check, employees discovered unauthorized applications on the server and it was immediately taken offline for further investigation. The full article and further details are at InfoWorld Security Central.
Finally, this week Lisa Rein of the Washington Post authored a great article detailing a virus that infiltrated the Economic Development Administration, a small bureau within the US Commerce Department. In order to avoid a crisis, the EDA unplugged its computer systems and effectively plunged its staff into the dark ages. For more than 81 days, the employees have gone without internet and email and have been communicating with outside parties via the post office and fax. Even now the Commerce Department has no real understanding of what happened. The number of intrusions into federal systems numbered 44,000 in 2011. The complete article is online at washingtonpost.com.