Report: 340M Americans’ Personal Data Leaked

https://image.zype.com/593087b25d3c19148e001735/5b364a5845793d130d0000ff/custom_thumbnail/1080.jpg

(Photo Credit: Luis Gomes/Pexels)

 

Cybersecurity expert says the information was on a publicly accessible server.

According to a new report, a data leak of personal information has far surpassed the Equifax leaks, and could affect nearly every American.

According to WIRED magazine, cybersecurity expert Vinny Troia has discovered that the Palm Coast, Fla., based data broker Exactis exposed a database with the personal data of 340 million individual accounts onto a publicly accessible server. Anyone who knew which server to look at had immediate access to nearly 2 terabytes of personal data—including the following from an estimated 340 million people and businesses: Continue reading

FBI warns that hackers are targeting state election systems

Voter registration databases from two states were reportedly targeted in the hacks

The FBI has reportedly found evidence that foreign hackers breached two state election databases in recent weeks.

An FBI alert warning election officials about the breach was leaked, and it was posted in a report by Yahoo News on Monday. Voter registration databases from both Illinois and Arizona were targeted in the hacks, according to the report.

Continue reading

Global terror suspect database leaked onto Internet

British cyber researcher Chris Vickery discovered that his database with details on those suspected of terrorism, money laundering and organized crime had been hacked and published on the Internet, the BBC said on Wednesday. Continue reading

OPM Announces More Than 21 Million Affected by Second Data Breach

The federal personnel agency announced Thursday a massive hack.

More than 21 million Social Security numbers were compromised in a breach that affected a database of sensitive information on federal employees held by the Office of Personnel Management, the agency announced Thursday.

That number is in addition to the 4.2 million social security numbers that were compromised in another data breach at OPM that was made public in June.

Of the 21.5 million records that were stolen, 19.7 million belonged to individuals who had undergone background investigation, OPM said. The remaining 1.8 million records belonged to other individuals, mostly applicants’ families.

Continue reading

US spies voiced concerns about Fed database prior to massive hack

Until a few years ago, however, Scattered Castles, the database containing security clearance applications for the US Intelligence Community, was not connected to the OPM database. But in 2010, new legislation aiming to eliminate the growing backlog in processing security-clearance applications required that Scattered Castles be merged with the OPM database. The proposed move, which aimed to create a unified system for processing security clearances made sense in terms of eliminating bureaucratic overlap and reducing duplication within the federal apparatus. Continue reading

The biggest heist of secret US personnel data in cyber history is still ongoing

As was mentioned just the other day, all U.S. intelligence agencies have been compromised in addition to all other government entities that were attacked.

 

The White House has admitted that systems containing deeply personal information, submitted by current, former and prospective federal government employees for security clearances, had been “exfiltrated.” If the breach of the Office of Personnel Management (OPM) was conducted by hackers linked to China, as suspected, access to the Standard Form 86 submitted by an estimated 41 million federal employees provided them with what may be the world’s largest stolen data base of US intelligence and military personnel.

This is a “gold mine” of unencrypted data that leave US intelligence officers, for example, open to blackmail or coerced recruitment.

While officials speak of two hacks, debkafile’s cyber security and intelligence experts report that it was a single breach and is still ongoing. Known to experts as an “Advanced Persistent Threat,” it amounts to slow, continuous penetration by a computer virus, planted in an individual computer of a network which duplicates itself gradually and insidiously. Continue reading

Union: Hackers have personnel data on every federal employee

So, basically you can now say that the CIA, NSA, FBI et al have been compromised and are now in a Chinese database for future operations.

 

WASHINGTON (AP) — Hackers stole personnel data and Social Security numbers for every federal employee, a government worker union said Thursday, charging that the cyberattack on U.S. employee data is far worse than the Obama administration has acknowledged.

Sen. Harry Reid, the Democratic leader, said on the Senate floor that the December hack into Office of Personnel Management data was carried out by “the Chinese.” Reid is one of eight lawmakers who is briefed on the most secret intelligence information. U.S. officials have declined to publicly blame China, which has denied involvement. Continue reading

NOAA Employee Charged With Computer Breach Met Senior Chinese Official in Beijing

This is a new development in what was previously posted, showing the level of access and its official state support.

 

A federal weather service employee charged with stealing sensitive infrastructure data from an Army Corps of Engineers database met a Chinese government official in Beijing, according to court documents that reveal the case to be part of an FBI probe of Chinese economic espionage.

Xiafen “Sherry” Chen, an employee of the National Oceanic and Atmospheric Administration (NOAA) office in Ohio, was arrested in October and charged in a federal grand jury indictment with illegally accessing the Army’s National Inventory of Dams (NID).

The NID is a sensitive database containing information on all U.S. dams. U.S. intelligence officials have said the database was compromised by Chinese hackers in 2013 as part of covert efforts by Beijing to gather sensitive information on critical U.S. infrastructure for possible use in a future conflict. Continue reading

Chinese Woman Arrested for Downloading Files on Vulnerabilities in US Dams

It’s not hard to imagine, after obtaining information such as this, seeing key dams failing. How would this happen? Not necessarily with terrorist bombings, but with cyberwarfare. If you wanted to physically take them down via power grids, as a professional hit team had done in California, you need only to take out nine substations to indefinitely cripple America and potentially kill hundreds of millions from the aftereffect. It’s already on the edge of failure now as we speak. On the cyberwarfare front, you only need to take advantage of the SCADA system (See also HERE and HERE) that remains largely unprotected and vulnerable as well.

America is in the final phase of a perfect storm overseeing its collapse (on the economic and social front as well) that could happen at any given time as it is now past the point of no return in protecting itself. It can’t even screen itself from espionage in its vital infrastructure, as seen in this article. Having said that, it’s not hard to see that America’s adversaries have first strike capability, and therefore likely checkmate.

But hey, no time for that, we have a MLB World Series to watch and cheap (sometimes toxic) Chinese goods to scuffle over on Black Friday.

 

A sensitive database that lists vulnerabilities in every major U.S. dam was breached last year in an attack traced back to the Chinese regime. The security breach had U.S. officials worried that China could be planning to attack America’s power grid.

Now, one year later, a Chinese woman was arrested for breaching that same network. Xiafen “Sherry” Chen, 59, was arrested on Oct. 20 for allegedly downloading the sensitive files on U.S. dams and for lying to federal investigators.

The registry Chen allegedly accessed and downloaded ranks the dams by the number of Americans who would die if they failed, according to Nextgov. It also lists vulnerabilities that could be exploited in the dams, which could be used by a hostile nation to attack the United States. Continue reading

Five unanswered questions about massive Russian hacker database

 There’s still much that’s unclear about Tuesday’s revelation that a small group of hackers in Russia have amassed a database of 1.2 billion stolen user IDs and passwords. The company that disclosed the incident, Hold Security, didn’t offer any fresh information Wednesday, but here are five questions we’d like to see answered (and a bonus one that we already know the answer to).

What are the hackers going to do with them?

The answer to this depends partly on the previous two questions. If they are fresh credentials for important services like online banking, they are ripe to be used to siphon money from online accounts. If they are older or from little-used services, they might be used to send spam by email or post it in online forums. Continue reading

New leaker disclosing U.S. secrets, government concludes

(CNN) — The federal government has concluded there’s a new leaker exposing national security documents in the aftermath of surveillance disclosures by former NSA contractor Edward Snowden, U.S. officials tell CNN.

Proof of the newest leak comes from national security documents that formed the basis of a news story published Tuesday by the Intercept, the news site launched by Glenn Greenwald, who also published the Snowden’s leaks. Continue reading

Hackers Claim To Have Exposed 170,000 Military Email Accounts

The hacker group known as LulzSec appears to be back after many months of laying low, claiming to have exposed the accounts of nearly 171,000 members of the military.

The group, which in 2011 went after government agencies and companies including the FBI, CIA, Sony and the Public Broadcasting Service, claims to have exposed the email accounts of thousands of members on the website MilitarySingles.com.

“There are emails such as @us.army.mil; @carney.navy.mil; @greatlakes.cnet.navy.mil; @microsoft.com; etc.,” the group said in a note posted on the website PasteBin.

The group said it dumped a database including a total of 170,937 email accounts from the website, which bills itself as “the dating site for single soldiers.”

Full story: Hackers Claim To Have Exposed 170,000 Military Email Accounts (Business Insider)

%d bloggers like this: