Australia admits cyber defences 'inadequate' as medical hack hits millions

France24 – AFP, 26 October 2022 

Hackers have accessed millions of medical records at Medibank, one of Australia's
largest private insurers SAEED KHAN AFP/File

Sydney (AFP) – Hackers accessed millions of medical records at one of Australia's largest private health insurers, the company said Wednesday, prompting the government to admit the nation's cyber safeguards were "inadequate". 

This was the latest in a series of hacks targeting millions of people that have brought Australian companies' lax approach to cyber security into sharp relief. 

Medibank chief executive David Koczkar said information about each of the company's 3.9 million policy holders -- some 15 percent of Australia's population -- had been compromised. 

"Our investigation has now established that this criminal has accessed all our private health insurance customers' personal data and significant amounts of their health claims data," he said in a statement to the Australian stock exchange. 

"This is a terrible crime. This is a crime designed to cause maximum harm to the most vulnerable members of our community." 

The cyber attack was revealed last week, but it was not known until now how many people were impacted. 

The hackers have previously threatened to leak the data, starting with 1,000 famous Australians, unless Medibank pays a ransom. 

Medibank on Wednesday also confirmed it was not insured against cyber attacks, estimating the hack could cost the company as much as Au$35 million (US$22 million). 

The Medibank hack followed an attack on telecom company Optus last month that exposed the personal information of some nine million Australians -- almost a third of the population. 

The Optus attack was one of the largest data breaches in Australian history. 

'Inadequate'

Australia's Attorney-General Mark Dreyfus has previously accused companies of stockpiling sensitive customer data they did not need. 

Firms currently face paltry fines -- Au$2.2 million -- for failing to protect customer data. 

Dreyfus last week said these fines would be ratcheted up to Au$50 million. 

"Unfortunately, significant privacy breaches in recent weeks have shown existing safeguards are inadequate," he said. 

"It's not enough for a penalty for a major data breach to be seen as the cost of doing business." 

Home Affairs Minister Clare O'Neil on Tuesday said the fallout from the Medibank hack was "potentially irreparable". 

"One of the reasons why the government is so worried about this is because of the nature of the data," she told Australia's parliament. 

"When it comes to the personal health information of Australians, the damage here is potentially irreparable." 

O'Neil has previously described hacking as a "dog act" -- an Australian phrase reserved for something especially shameful or despicable.

Private psychotherapy notes leaked in major Finnish hack

Yahoo – AFP, 26 October 2020

The confidential treatment records of tens of thousands of psychotherapy patients in Finland have been hacked and some leaked online, in what the interior minister said Monday was "a shocking act." 

Many victims of the hack reported receiving emails with a demand for 200 euros
($236) in bitcoin to prevent the contents of their discussions with therapists
being made public. (Nicolas Asfouri)

Distressed patients flooded victim support services over the weekend as Finnish police revealed hackers accessed records belonging to private company Vastaamo, which runs 25 therapy centres across Finland. 

Thousands have filed police complaints over the breach, they added. 

Many patients reported receiving emails with a demand for 200 euros ($236) in bitcoin to prevent the contents of their discussions with therapists being made public. 

"The Vastaamo data breach is a shocking act which hits all of us deep down," Interior Minister Maria Ohisalo wrote on her website on Monday. 

Finland must be a country where "help for mental health issues is available and it can be accessed without fear." 

Ministers met for crisis talks this weekend, with further emergency discussions tabled for the coming week over the unprecedented data breach. 

"We are investigating an aggravated security breach and aggravated extortion, among other charges," Robin Lardot, the director of Finland's National Bureau of Investigation, told a news conference at the weekend. 

Lardot added that they believed the number of patients whose records had been compromised numbered in the tens of thousands. 

On Monday evening, Vastaamo said it had fired its CEO, Ville Tapio, after an internal enquiry discovered that he had concealed a March 2019 data breach from the board and the firm's parent company. 

The firm admitted flaws in the security of its customer data, "which allowed criminals to break into the database up until March 2019," Vastaamo said in a statement. 

The company's owner, PTK Midco Oy, on Monday launched court proceedings "in relation to its May 2019 purchase of Vastaamo," the statement added. 

'Justifiably worried' 

Security experts reported that a 10-gigabyte data file containing private notes between at least 2,000 patients and their therapists had appeared on websites on the so-called dark web. 

The hack, which targeted some of society's most vulnerable including children, has caused widespread shock in the Nordic country of 5.5 million, with ministers gathering on Sunday to discuss how to support the patients whose sensitive data had been leaked. 

"It is absolutely clear that people are justifiably worried not only about their own security and health but that of their close ones, too," Ohisalo told reporters late on Sunday. 

On Monday, authorities launched a website for victims of the cyberattack, offering advice and telling them not to pay the ransom demand. 

"Do not communicate with the extortionist, the data have most likely already been leaked elsewhere," the "Data Leak Help" site said. 

Mental health and victim support charities reported being overwhelmed with calls from distressed people fearing that their intimate conversations with their therapists would be publicly released. 

Nothing 'to be ashamed of' 

One of the recipients of a blackmail threat, the former MP Kirsi Piha, tweeted a screenshot of the ransom message along with a defiant reply to the hackers. 

"Up yours! Seeking help is never something to be ashamed of," Piha wrote. 

"I've seen a lot, but I haven't seen this," Mikko Hypponen, chief research officer at data security firm F-Secure said in a statement. 

"I don't think there's a crime in our criminal history which would have more victims than this one." 

Hypponen, an internationally renowned cybersecurity specialist, said the perpetrator used the alias "ransom_man", and said he was only aware of one other patient blackmail case, where a cosmetic surgery clinic in Florida had a smaller amount of data stolen in 2019. 

On Monday, Finland's social care regulator said in a statement it was investigating Vastaamo's practices, including how well patients were kept informed of the breach. 

Meanwhile, the head of the state digital services agency DVV, Kimmo Rousku, said that the cyberattack could have been avoided if Vastaamo had used better encryption. 

DVV published a checklist on Monday for firms to make sure their digital security is in order. 

"Management needs to wake up," Rousku told public broadcaster Yle. 

A phone line offering legal advice had also been set up, the country's consumer authority announced.

EncroChat messages reveal at least ten cases of ‘bent coppers’ leaking info

DutchNews, September 17, 2020 

The investigation into millions of messages between criminals via encrypted service provider EncroChat has also yielded proof of police corruption and a special team has been tasked with the prosecution of the officers involved, police havesaid. 

Officials have not yet said how many police officers are involved and at what level, but at least two have been arrested following the EncroChat operation. 

Sources cited by the Telegraaf  say 10 serious cases involving the leak of information to criminals are currently being investigated. The search also yielded information about a network of lawyers, real estate brokers and notaries whose services helped criminals launder money, they said. 

Police did confirm information had been leaked to criminals but would not say more for operational reasons.  The sheer volume of messages – over 20 million – that have to be followed up must be dealt with meticulously to avoid false claims of corruption, police said. 

However, the first signs are serious enough to warrant a special team, police chief Henk van Essen said. ‘We have started a number of prosecutions and more will follow. The information on drug deals and money laundering as well as the corruption in the force have been given the highest priority.’ 

Van Essen said that there have always been ‘bent coppers’ but the fact that their number is increasing is worrying. 

‘A policeman can become corrupt through blackmail but can also simply be bought,’ Van Essen said. ‘Information is a goldmine for criminals. It can be anything from information on current investigations and people to addresses and cars. They are always on the lookout for people with access to this type of information, not only in the force but in companies as well.’ 

Software to flag up suspicious search behaviour by officers will be introduced next year, Van Essen said. ‘But we don’t want to check each and every email or app. We want a system built on trust but we must be realistic. There is corruption and we want to stamp it out. And an operation like EncroChat shows that no one is beyond the reach of the law.’

Realted Article

Dutch detectives unravel 3.6 million encrypted emailssent by criminals

EU adopts powers to respond to cyberattacks

Yahoo – AFP, Lachlan CARMICHAEL, May 17, 2019

EU ministers said the 28-nation group would, for the first time, be able to impose
asset freezes and travel bans on individuals, firms and state bodies implicated
in cyberattacks (AFP Photo/Kirill KUDRYAVTSEV)

Brussels (AFP) - The European Union on Friday adopted powers to punish those outside the bloc who launch cyberattacks that cripple hospitals and banks, sway elections and steal company secrets or funds.

EU ministers meeting in Brussels said the 28-nation group would now, for the first time, be able to impose asset freezes and travel bans on individuals, firms and state bodies implicated in such attacks.

"The Council (of EU countries) established a framework which allows the EU to impose targeted restrictive measures to deter and respond to cyberattacks," it said in a statement.

It added that sanctions will be considered if a cyberattack is determined to have had a "significant impact" on its target.

The goal is to bolster the security of EU institutions, firms and individuals against what Britain called an increase in the "scale and severity" of cyberattacks globally.

"This is decisive action to deter future cyberattacks," British Foreign Secretary Jeremy Hunt said after Britain and its EU partners drafted the measures.

"For too long now, hostile actors have been threatening the EU’s security through disrupting critical infrastructure, attempts to undermine democracy and stealing commercial secrets and money running to billions of euros," Hunt said.

"Our message to governments, regimes and criminal gangs prepared to carry out cyberattacks is clear," Britain's top diplomat added.

"Together, the international community will take all necessary steps to uphold the rule of law and the rules based international system which keeps our societies safe.”

The British government has pledged to continue close cooperation with the EU after it leaves the bloc in line with the 2016 referendum.

'Big step forward'

Under the sanctions regime, diplomats said, the 28 EU countries would have to vote unanimously to impose sanctions after meeting a legal threshold of significant impact.

British Foreign Secretary Jeremy Hunt (pictured April 2019) said that "the international 

community will take all necessary steps to uphold the rule of law" (AFP Photo/Daniel 

LEAL-OLIVAS)

For example, countries would look at the scope and severity of disruption to economic and other activities, essential services, critical state functions, public order or public safety, diplomats said.

They would examine the number of people and EU countries affected and determine how much money, intellectual property and data have been stolen.

EU diplomats told reporters it could also cover the hacking of European elections by a third party or country. Elections for a new European Parliament take place May 23-26.

In line with US intelligence assessments, EU officials highlight in particular the threat of disinformation and election hacking from Russia.

EU countries would also study how much the perpetrator has gained through such action.

A Dutch diplomat told reporters that the powers amount to a "big step forward" toward building a more secure cyberspace.

European leaders in October had called for a regime to impose sanctions against cyberattacks.

US and European police said Thursday they have smashed a huge international cybercrime network that used Russian malware to steal 100 million dollars from tens of thousands of victims worldwide.

EU diplomats said the bloc will now start drawing up a blacklist for potential sanctions in cyberattack cases.

A number of powerful people close to Russian President Vladimir Putin appear on a blacklist of 164 Russians and Ukrainians that was established after Moscow's annexation of the Crimean peninsula in 2014.

Those blacklisted are under travel bans and asset freezes just like those that would be imposed on those implicated in cyberattacks.

Global $100 mln cybercrime gang busted

Yahoo – AFP, Sara MAGNIETTE, May 16, 2019

Prosecutions have been launched in Georgia, Moldova, Ukraine and the United
States over a huge international cyber scam, while five Russians charged in the US
remain on the run (AFP Photo/Kirill KUDRYAVTSEV)

The Hague (AFP) - US and European police said Thursday they have smashed a huge international cybercrime network that used Russian malware to steal $100 million (89 million euros) from tens of thousands of victims worldwide.

Prosecutions have been launched in Georgia, Moldova, Ukraine and the United States over the scam, while five Russians charged in the US remain on the run, the EU police agency Europol said.

The "organised crime network behind $100 million in malware attacks" targeted "more than 41,000 victims, primarily businesses and their financial institutions," Europol said.

Police in Germany and Bulgaria were also involved.

The cyber gang used GozNym malware to infect victims' computers, steal their online banking login details and then siphon money from their accounts.

The stolen money was then laundered in US and other accounts.

Scott Brady, the US Attorney General for the western district of Pennsylvania where the US indictment was unsealed, said the operation was an "unprecedented" international effort.

"Unsuspecting European and American victims thought they were clicking on a simple invoice, but were instead giving hackers access to their most sensitive information," Brady added.

The alleged leader of the GozNym criminal network, Alexander Konovolov, 35, of Tbilisi, who goes by the online name "NoNe", was arrested in the former Soviet state of Georgia, the US Department of Justice said.

US Attorney for the Western District of Pennsylvania Scott Brady (pictured October 2018) 

said the operation was an "unprecedented" international effort (AFP Photo/ALEX WONG)

His alleged technical assistant Marat Kazandjian, 31, aka "phant0m," was also arrested in Georgia.

'Fled to Russia'

Konovolov recruited hackers who advertised their services on "Russian-speaking online criminal forums", and eventually controlled the malware-infected computers of more than 41,000 victims, Europol said.

The five Russians charged in the US included the alleged developer of the malware, identified as Vladimir Gorin, but they cannot be extradited because Russia does not send suspects abroad.

Gorin "oversaw its creation, development, management and leasing to other cyber criminals" including the Georgian alleged leader of the group, Europol said.

One of the Russians, Viktor Eremenko, was arrested in Sri Lanka at the request of US authorities in 2017 but "through the intervention of the Russian government" was freed on bail, after which he fled to Russia.

Bulgarian Krasimir Nikolov was arrested and extradited to the United States in 2016 and has already pleaded guilty to the charges in the indictment, the DOJ said.

Ukrainian police meanwhile arrested Gennady Kapkanov, 36, also known as "firestarter", on suspicion of hosting a so-called "Avalanche" network that provided services to more than 200 cybercriminals including the Georgians.

He allegedly fired an assault rifle through the door of his apartment at police, the DOJ said.

Europol announced the smashing of the Avalanche network in a major operation in 2016, saying that it had infected half a million computers in 188 countries.

The latest operation was a follow-up from that, Europol said.

Probe after 117,000 job seekers’ CVs are skimmed from UWV website

DutchNews, May 6, 2019

An investigation has been ordered after 100,000 CVs have been illegally downloaded from the website of the employees’ insurance agency UWV. 

Social affairs minister Wouter Koolmees said the 117,000 resumes had been accessed over a period of two weeks from the website werk.nl using the account of a UWV staff member. The employee in question claimed to have been unaware of the activity. 

The national cybersecurity centre NCSC and the privacy watchdog Autoriteit Persoonsgevevens have been informed and the incident has been reported to the police. All those involved have been contacted by the UWV to warn them to watch out for phishing scams and other online fraud. 

IT experts said the episode highlighted weak security at the UWV, which uses the werk.nl website to share the CVs of jobseekers with employers. Jobseekers have the option of uploading ‘open’ CVs, which are freely available, or ‘closed’, meaning they are available on request.

‘Every company that has an account with werk.nl can see job seekers’ details,’ René Veldwijk told Trouw. ‘All that’s happened now is that somebody spent two weeks trawling al those details with a computer programme. It could be criminals, but it could also be a company that wants to use the data to connect job seekers with employees.’ 

He added: ‘The fact that it took two weeks for the UWV to notice that so many CVs were being downloaded shows they’re not looking out for it properly. It was all done through one account. If the perpetrators had been a bit more professional in their approach and used several accounts, the UWV probably still wouldn’t have noticed anything.’

Indian extradited to US from Singapore in call center fraud

Yahoo – AFP, April 20, 2019

Workers in a call center in India: in 2016 US authorities charged five such call centers
with operating fraud schemes targetting South Asians living in the United States
(AFP Photo/AFP)

Washington (AFP) - Singapore has extradited an Indian national to the United States to face charges in a call center fraud that scammed millions of dollars from victims in the United States, the Justice Department announced Friday.

Hitesh Madhubhai Patel, 42, of Ahmedabad, India, was scheduled to be arraigned Friday in a Houston, Texas federal court for his role in a case that was first announced in 2016, charging 60 people with wire fraud and money laundering conspiracy.

Patel ran the HGlobal call center, one of five India-based operations which allegedly worked together in an operation which targeted mostly South Asians living in the United States.

Callers pretending to be US tax or immigration officials threatened them with arrest and deportation if they did not remit money to the government.

The victims were then directed to people working with the call centers in the United States to collect the "fines" through prepaid debit cards or wire transfers, and the money was quickly laundered out of the country.

"This extradition once again demonstrates the Department's unwavering commitment to disrupt and dismantle the India-based call center scam industry and to work with our foreign partners to hold accountable those who perpetrate schemes that defraud our citizens," said Assistant Attorney General Brian Benczkowski in a statement.

Justice officials said that in the past six years more than 15,000 people have been cheated of over $75 million in scams in which callers pose as agents of the Internal Revenue Service, the federal tax agency.

So far, in the Indian call center case, 24 domestic US defendants have been convicted and sentenced to up to 20 years in prison, the Justice Department said.

"The remaining India-based defendants have yet to be arraigned in this case," they said.

Related Article:

US charges dozens in India-based call center fraud racket

Internet con men ripped off Pathe NL for €19m in sophisticated fraud

DutchNews, November 12, 2018

Photo: Depositphotos.com

The Dutch operation of the Pathé cinema group was ripped off by internet con men to the tune of over €19m, court documents published on Friday show. 

The con cost both the chief executive and financial director of the Dutch operation their jobs, and it is unclear if any of the money has been recovered. 

The court documents, which cover the unfair dismissal case brought by sacked finance chief Edwin Slutter, show in detail how the thieves went about scamming Pathé Nederland earlier this year. 

The first email arrived on March 8, and was apparently sent by the chief executive of the French cinema group to the Dutch chief Dertje Meijer. 

The message asked if KPMG had contacted Meijer that morning. After discussing the issue with financial director Edwin Slutter, Meijer replied to the email: ‘We did not receive anything or a call from him. If you want me to contact him, do you have contact details?’ 

The respondent said the company was involved in a takeover in Dubai and needed her to make a confidential payment of €826,521. The money would be repaid on the 26th of the same month. 

Confidential 

‘The transaction must remain strictly confidential. No one else must be made aware of it for now in order to give us an advantage over our competitors,’ the email said. ‘I and I alone will notify the affected parties in due time.’ 

After more to-ing and fro-ing, Meijer sent the correspondence on to Slutter with the comment ‘strange don’t you think?’ 

On March 9 she received a new mail, confirming the takeover and sending an invoice for the money, which was the first 10% of the acquisition price. The money was to be paid into the bank account operated by Towering Stars General Trading LLC in Dubai. 

On March 13, a second payment of €2,479,563 was made to the same account, followed by a third and fourth payments. By March 27, Pathé Nederland had paid over a total of €19,244,304. 

Questions 

On March 28, Meijer received a final email from the fake company boss, pledging to repay the cash. But that same day questions then began coming in from Pathé headquarters in Paris. 

It was immediately clear that Meijer and Slutter had been victims of fraud. Both Meijer and Slutter were suspended. Their sacking was made public at the end of the month with Pathé ‘s owners stating they no longer had any confidence in them. 

Meijer, who used to run the Amsterdam port authority, had been in the job for less than a year. Slutter, who had years of experience as a KPMG accountant, decided to fight his sacking in court, hence the detailed examination of the fraud in legal documents. 

Outside investigators brought in by Pathé said they had no evidence that both Meijer and Slutter were involved in the fraud or that they had any knowledge of it.

‘Pathe had been the target of a professional group of con men, who had used refined communication techniques to win the trust of several Pathé employees,’ the report is quoted as saying in the court documents. 

Sophisticated 

The court decided that Slutter had been lured in by the con men in a sophisticated trap and that he should not have been sacked in the spot, even though he ignored several red flags.

Nevertheless, there is no question he can return to the company, the court ruled. 

The court went on to state that the employment contract between Slutter and Pathé should be formally dissolved on December 1, but that the former finance chief should be paid his monthly salary of over €13,500 from March until then. 

DutchNews.nl has asked Pathé ‘s head office in Paris to comment on the case. Neither Meijer or Slutter were named in the court documents but both Dutch and French media have identified them as such.

Digital investigation collective Bellingcat to expand into NL

DutchNews, November 2, 2018

Photo: Depositphotos.com 

The British research collective Bellingcat is planning to expand into the Netherlands and to open a permanent office in The Hague, the organisation confirmed to DutchNews.nl on Friday. 

‘The current plan is to open an office in The Hague, which will have teams working on Yemen, Syria, and Libya,’ founder Eliot Higgins said. The office will also host ‘a team focused on working with local groups on local issues’ and more MH17 revelations are on the way, he said. 

Higgins, in the Netherlands for the Den Bosch Data Week, told the NRC in an interview on Friday that the organisation has applied for funding from the Postcode Lottery foundation to help establish the first Bellingcat operation outside the UK.

 The aim is to set up an operation in the Netherlands to support the work of the International Criminal Court in The Hague with open source material, the NRC said. 

Bellingcat was founded in 2014 after a Kickstarter crowdfunding campaign and has since hit the headlines with revelations about shooting down of flight MH17 over Ukraine and the Skripal poisoning case in Britain, among others 

The organisation funds its operations by giving workshops to journalists, students and civil servants as well as donations from both charitable institutions and private individuals.

Russian attempt to hack chemical weapons watchdog in The Hague thwarted

DutchNews, October 4, 2018, Gordon Darroch and Senay Boztas

The OPCW headquarters in The Hague. Photo: Wikimedia Commons 

Dutch intelligence agencies have thwarted an attempt by Russian agents to hack into the wi-fi network of the Organisation for the Prohibition of Chemical Weapons, based in The Hague. 

Four agents from the GRU military intelligence service were ejected from the Netherlands immediately after the attempted breach was intercepted on April 13 this year, major-general Onno Eichelsheim, director of the military intelligence service MIVD, told apress conference in The Hague. He added that the OPCW’s security was not breached. 

The OPCW is carrying out forensic tests in the investigation into the poisoning of the former Russian spy Sergei Skripal and his daughter Yulia in Salisbury on March 4. The Skripals were targeted with a nerve agent known as Novichok, developed in the former Soviet Union, but Moscow has denied any involvement. 

Eichelsheim said the four agents were operating out of a Citroen car parked outside the Marriott Hotel, which is next to the organisations headquarters on Johann de Wittlaan. They arrived in the country on April 10 on diplomatic passports with almost identical serial numbers. 

Close access

They were disrupted while an attempt was made at a ‘close access hack operation’ at around 4.30pm on Friday. Equipment found in the boot of the car included an antenna pointed at the OPCW building and digital devices used to intercept login details.

The car the Russians hired. Photo: Ministerie van defensie

Eichelsheim said the four Russians were ‘clearly not here on holiday’. They were carrying €20,000 and US $20,000 in cash, took their rubbish from their hotel room when they left and tried to destroy their mobile phones when they were intercepted. One of the phones had been activated close to the special services centre in Moscow. 

A further clue was the discovery of a taxi receipt from GRU headquarters to Moscow airport. 

The equipment the men surrendered also included a laptop computer which had apparently been used to infiltrate the Malaysian police and judicial authorities. Malaysia is involved in the investigation into the shooting down of flight MH17 over Ukraine in 2014, which the Netherlands holds Russia accountable for. 

Data found on the laptop also suggested it had been used in the Swiss city of Lausanne to hack into computers belonging to the World Anti-Doping Agency, which is investigating institutional drug use in Russian sport. 

International co-operation 

Defence minister Ank Bijleveld said the Dutch government was sending out a clear message to Moscow to stop undermining cybersecurity in other countries. The Russian ambassador to The Hague has been summoned to appear before foreign minister Stef Blok. 

‘The Dutch cabinet is very concerned that the OPCW was the target of an interception by the Russian military intelligence service,’ Bijleveld said. 

‘I am proud of the MIVD, they have done excellent work. I want to emphasise that co-operation has played a big part in this success. Co-operation in the Netherlands, but also with our international intelligence partners. Good international co-operation is crucial in tackling threats such as the GRU.’ 

The men with a Russian embassy official at Schiphol. 

In response, Moscow issued its customary blunt denial of all accusations of wrongdoing. Russian foreign ministry spokeswoman Maria Zakharova dismissed the allegations as ‘big fantasies’. 

Prime minister Mark Rutte issued a joint statement with his British counterpart Theresa May earlier in the day condemning Russia’s ‘disregard for global values.’ 

They said: ‘The GRU’s reckless operations stretch from destructive cyber activity to the use of illegal nerve agents, as we saw in Salisbury. That attack left four people fighting for their lives and one woman dead. 

‘Our action today reinforces the clear message from the international community. We will uphold the rules-based international system, and defend international institutions from those that seek to do them harm.’ 

US charges 

Major-general Eichelsheim said the government had taken the unusual step of releasing details of the operation after US officials published charges against a number of Russian intelligence agents on Thursday. The Dutch government hopes that making the information public will make it harder for Russia to carry out such covert operations in future. 

British foreign secretary Jeremy Hunt said the incident was ‘part of a pattern of cyber-attacks’ in other countries in which the Russian government was implicated. 

He said: ‘If anyone had any questions in their mind about Russian military involvement in the Salisbury attacks, this will put to rest those doubts because we have evidence of the Russian military launching a cyber-attack on the very international organisation in the Netherlands set up to investigate those novichok attacks. And why would you do that if you weren’t the guilty party?’

Almost 2,000 people fell for the Microsoft helpdesk con last year

DutchNews, January 17, 2018

Photo: Depositphotos.com

Last year almost 2,000 people, mainly over-50s, were conned out of money by criminals claiming to work for the Microsoft helpdesk, police said in a new report. 

In total, they were conned out of €7m, police say, with two victims losing €38,000 and €98,000 respectively. In 2016, there were 1,100 cases of Microsoft helpdesk crime. 

The victims are phoned by someone, often with a heavy accent, claiming to work for Microsoft and alerting them to a problem with their computer. This could be a virus, an expired licence or an update. 

The victim is then asked to download a programme which allows the con artist to take over the computer to fix the programme. The victim is then asked to pay using untraceable methods. In some cases the conmen and women have been able to access their victims’ bank accounts, police said. 

Police say people should hang up immediately when phoned by someone claiming to be from Microsoft. The company itself says it never contacts people who have not requested help.

143 mn affected in hack of US credit agency

Yahoo – AFP, Glenn CHAPMAN, September 8, 2017

Hackers penetrated the computer network of credit reporting firm Equifax, the
latest big company to report a major breach (AFP Photo/GREG BAKER)

San Francisco (AFP) - A major American credit reporting agency entrusted to safeguard personal financial information said Thursday hackers looted its system in a colossal breach that could affect nearly half the US population as well as people in Britain and Canada.

Equifax said that a hack it learned about on July 29 had the potential to affect 143 million US customers, and involved some data for British and Canadian residents.

The Atlanta-based company disclosed the breach in a release that did not explain why it waited more than a month to warn those affected about a risk of identity theft.

Filings with the US Securities and Exchange Commission showed that three high-ranking Equifax executives sold shares worth almost $1.8 million in the days after the hack was discovered.

An Equifax spokesperson told AFP the executives "had no knowledge that an intrusion had occurred at the time they sold their shares."

Copies of SEC filings regarding the transactions were on an investor relations page at the company's website.

Equifax collects information about people and businesses around the world and provides credit ratings used for decisions regarding loans and other financial matters.

It also touts a service protecting against identity theft.

"The fact that it is a credit company that people pay to be protected from breaches, and now they have been breached... it feels like a betrayal of trust to a point," said Aires Security chief executive Brian Markus, whose firm specializes in computer network defenses.

He considered the breach "gigantic," made worse by the fact that Equifax stores extensive personal information about people and keeps it up to date.

Markus wondered what level of responsibility Equifax is going to take if stolen information is used for fraud or identity theft, and advised people to enlist credit monitoring services to alert them to trouble.

'Strikes at the heart'

Equifax released a statement saying that it learned of the breach on July 29 and "acted immediately" with the assistance of an independent cybersecurity firm to assess the impact.

"Criminals exploited a US website application vulnerability to gain access to certain files," the statement said.

An internal investigation determined the unauthorized access occurred from mid-May through July 2017, according to the company.

Equifax said the hackers obtained names, social security numbers, birth dates, addresses and, in some instances, driver's license numbers from the database, potentially opening up victims to identity theft.

The company said credit card numbers were compromised for some 209,000 US consumers, as were credit dispute documents for 182,000 people.

Equifax vowed to work with British and Canadian regulators to determine appropriate next steps for customers affected in those countries, but added in the release that it "found no evidence that personal information of consumers in any other country has been impacted."

"This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do," said company chairman and chief executive Richard Smith.

"I apologize to consumers and our business customers for the concern and frustration this causes."

He added that Equifax is reviewing its overall security operations.

Equifax said it had established a website to enable consumers to determine if they are affected and would be offering free credit monitoring and identity theft protection to customers.

The company is the latest to announce a major breach. Yahoo last year disclosed two separate cyber attacks which affected as many as one billion accounts.

More than 400 million accounts were affected by a breach disclosed last year at the hookup site Adult Friend Finder, and other firms affected in recent years included Heartland Payment Systems and retail giant Target.

"Every company out there is potentially susceptible in today's cyber landscape," Markus said of hacking attacks, some even by nation states.

"These incidents can put companies out of business."

Equifax shares were down more than 13 percent to $124 in after-market trades that followed news of the hack.

Related Article:

Equifax executives step down after major hack - New