CalPERS, CalSTRS, Genworth Among Those Affected by Moveit Data Breach

Link: https://www.ai-cio.com/news/calpers-calstrs-genworth-among-those-affected-by-moveit-data-breach/

Excerpt:

The California Public Employees’ Retirement System, the California State Teachers Retirement System and Genworth Financial Inc. revealed that some of their clients’ personal information was involved in a data breach that hit third-party vendor PBI Research Services’ Moveit Transfer Application, used by thousands of organizations. 

PBI provides services to pension funds to identify member deaths so that proper payments are made to retirees and beneficiaries and to prevent overpayments or other errors. For life insurance firms like Genworth, the company helps identify the possible eligibility of beneficiaries for death benefits or for policies beneficiaries may not know exist.

According to CalPERS, while the data breach did not impact its information systems, it did impact the personal information of approximately 769,000 members, including retired members, some of whom are inactive members and may soon be eligible for benefits. The pension fund is offering free credit monitoring to retirees and beneficiaries with impacted personal information and is also mailing tips on how to protect their information. CalPERS is also providing information on its website and through its customer contact center.

….

Genworth declined to elaborate on its June 22 SEC filing, in which it said it was notified by PBI of the breach and that it “believes that the personal information of a significant number of insurance policyholders or other customers of its life insurance businesses was unlawfully accessed.” Genworth stated it is “working to ensure that protection services are provided to those impacted individuals” and that it believes the breach did not impact any of its information systems, including its financial systems, and that there has not been any material interruption of its business operations.

Author(s): Michael Katz

Publication Date: 26 Jun 2023

Publication Site: ai-CIO

Missouri Professor Wants Gov. Parson to Apologize

Link: https://www.governing.com/now/missouri-professor-wants-gov-parson-to-apologize

Excerpt:

A cybersecurity professor who verified the vulnerability that left the Social Security numbers of upwards of 100,000 teachers accessible on a Missouri website is demanding Gov. Mike Parson apologize after he threatened those who exposed the weakness with prosecution.

An attorney for University of Missouri-St. Louis Professor Shaji Khan sent a letter Thursday to Parson, the Missouri Department of Elementary and Secondary Education (DESE) and other agencies telling them to preserve records related to the episode — often a first step before a lawsuit.

The letter is the first indication that Parson may face a legal challenge over his response to a St. Louis Post-Dispatch story last week detailing how Social Security numbers had been left exposed on a DESE website. The day after publication, Parson called a news conference where he threatened the newspaper, its journalists and those who helped them with prosecution — and said law enforcement would investigate.

Author(s): Jonathan Shorman and Jeanne Kuang, The Kansas City Star

Publication Date: 22 Oct 2021

Publication Site: Governing

Banks Share Data to Block Cyberattacks

Link: https://www.wsj.com/articles/banks-share-data-to-block-cyberattacks-11632389402

Excerpt:

Competing banks are cooperating more than ever before to beat cybercriminals.

As the number and sophistication of cyberattacks jumps, financial firms are sharing more threat intelligence with each other, according to the Financial Services Information Sharing and Analysis Center, a nonprofit group that facilitates the exchange of cybersecurity intelligence.

This collaboration has thwarted a number of attacks in the past year, bank executives say.

In September 2020, Santiago, Chile-based Banco Falabella became concerned it would soon come under attack by hackers.

Distributed denial of service attacks, which flood servers with traffic to shut down websites and applications, were rippling across the financial sector as part of a long-running extortion campaign. Meanwhile, certain criminal gangs were besieging Latin American companies in particular with ransomware attacks.

Author(s): James Rundle

Publication Date: 23 Sept 2021

Publication Site: WSJ

U.S. Seizes Share of Ransom From Hackers in Colonial Pipeline Attack

Link: https://www.nytimes.com/2021/06/07/us/politics/pipeline-attack.html

Excerpt:

The Justice Department said on Monday that it had seized much of the ransom that a major U.S. pipeline operator had paid last month to a Russian hacking collective, turning the tables on the hackers by reaching into a digital wallet to snatch back millions of dollars in cryptocurrency.

Investigators in recent weeks traced 75 Bitcoins worth more than $4 million that Colonial Pipeline had paid to the hackers as the attack shut down its computer systems, prompting fuel shortages, a spike in gasoline prices and chaos at airlines.

Federal investigators tracked the ransom as it moved through a maze of at least 23 different electronic accounts belonging to DarkSide, the hacking group, before landing in one that a federal judge allowed them to break into, according to law enforcement officials and court documents.

The Justice Department said it seized 63.7 Bitcoins, valued at about $2.3 million. (The value of a Bitcoin has dropped over the past month.)

Author(s): Katie Benner, Nicole Perlroth

Publication Date: 7 June 2021

Publication Site: New York Times

MTA scare highlights public finance cyber woes

Link: https://fixedincome.fidelity.com/ftgw/fi/FINewsArticle?id=202106070952SM______BNDBUYER_00000179-d86e-df56-a3fd-f8fe8d120001_110.1

Excerpt:

Subway safety in New York took on a new meaning when the Metropolitan Transportation Authority acknowledged a cyber intrusion, which set off loud alarm bells about the rising threat of system hacks.

The MTA is one of the largest municipal issuers and reports linked China’s government to the episode.

Despite MTA officials’ assurances of quick troubleshooting and no evidence of compromise to its operational systems, employee or customer information, this marked the latest chilling cybersecurity event for public finance.

Author(s): Paul Burton

Publication Date: 7 June 2021

Publication Site: Fidelity Fixed Income

Meat Supplies Tighten as Cyberattack on JBS Snarls Food Chain

Link: https://www.wsj.com/articles/jbs-meat-plants-face-slow-restart-after-cyberattack-11622633982

Excerpt:

A ransomware attack against JBS SA sent shock waves throughout the U.S. food industry and exacerbated tension between Washington and Moscow, even as the meatpacker restarted plant operations.

JBS said most of its plants resumed operations Wednesday, though some shifts and processing operations remained suspended, according to individual plants’ social-media posts.

….

Meat supplies were already tight before the cyberattack. Surging demand from reopening restaurants, along with production problems at meat plants, are driving up costs of bacon, chicken wings and other products as people continue to make big grocery purchases. Some restaurants and supermarkets have raised prices for consumers as a result.

Distributor Gordon Food Service Inc. bought meat from other suppliers Tuesday while JBS plants were offline, said Jagtar Nijjar, Gordon’s director of imports and commodities. Mr. Nijjar said he expected it to take four business days for its normal order flow from JBS to resume. Normally, he said, Gordon gets more than half of its pork from JBS, at least half a million pounds every week.

U.S. cattle producers, meanwhile, said they were waiting to learn whether they would be able to deliver animals to JBS plants on schedule this week. U.S. meat companies slaughtered 105,000 cattle and 439,000 hogs on Wednesday, down 13% and 9%, respectively, from a week prior, according to USDA data.

Author(s): Jesse Newman, Jacob Bunge

Publication Date: 2 June 2021

Publication Site: WSJ

How China’s attack on Microsoft escalated into a “reckless” hacking spree

Link: https://www.technologyreview.com/2021/03/10/1020596/how-chinas-attack-on-microsoft-escalated-into-a-reckless-hacking-spree

Excerpt:

At first the Chinese hackers ran a careful campaign. For two months, they exploited weaknesses in Microsoft Exchange email servers, picked their targets carefully, and stealthily stole entire mailboxes. When investigators eventually caught on, it looked like typical online espionage—but then things accelerated dramatically.

Around February 26, the narrow operation turned into something much bigger and much more chaotic. Just days later, Microsoft publicly disclosed the hacks—the hackers are now known as Hafnium—and issued a security fix. But by then attackers were looking for targets across the entire internet: in addition to tens of thousands of reported victims in the US, governments around the world are announcing that they were compromised too. Now at least 10 hacking groups, most of them government-backed cyber-espionage teams, are exploiting the vulnerabilities on thousands of servers in over 115 countries, according to the security firm ESET.

Author(s): Patrick Howell O’Neill

Publication Date: 10 March 2021

Publication Site: MIT Technology Review

National Security Risks of Late-Stage Capitalism

Excerpt:

There are two problems to solve. The first is information asymmetry: buyers can’t adequately judge the security of software products or company practices. The second is a perverse incentive structure: the market encourages companies to make decisions in their private interest, even if that imperils the broader interests of society. Together these two problems result in companies that save money by taking on greater risk and then pass off that risk to the rest of us, as individuals and as a nation.

The only way to force companies to provide safety and security features for customers and users is with government intervention. Companies need to pay the true costs of their insecurities, through a combination of laws, regulations, and legal liability. Governments routinely legislate safety — pollution standards, automobile seat belts, lead-free gasoline, food service regulations. We need to do the same with cybersecurity: the federal government should set minimum security standards for software and software development.

Author(s): Bruce Schneier

Publication Date: 1 March 2021

Publication Site: Schneier on Security

Recovering from the SolarWinds hack could take 18 months

Link: https://www.technologyreview.com/2021/03/02/1020166/solarwinds-brandon-wales-hack-recovery-18-months/

Excerpt:

Brandon Wales, the acting director of CISA, the US Cybersecurity and Infrastructure Agency, says that it will be well into 2022 before officials have fully secured the government networks compromised by Russian hackers. The list includes at least nine federal agencies, including the Department of Homeland Security and the State Department. Even fully understanding the extent of the damage will take months.

“I wouldn’t call this simple,” Wales says. “There are two phases for response to this incident. There is the short-term remediation effort, where we look to remove the adversary from the network, shutting down accounts they control, and shutting down entry points the adversary used to access networks. But given the amount of time they were inside these networks—months—strategic recovery will take time.”

Author(s): Patrick Howell O’Neill

Publication Date: 2 March 2021

Publication Site: MIT Technology Review