Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] N.H. state server eyed in possible credit card data breach

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] N.H. state server eyed in possible credit card data breach
Date: Thu, 23 Feb 2006 03:35:35 -0600 (CST) 
http://www.computerworld.com/securitytopics/security/story/0,10801,108896,00.html

By Todd R. Weiss 
FEBRUARY 22, 2006
COMPUTERWORLD

The FBI, the Department of Justice and New Hampshire officials are 
investigating a potential security breach after the Cain & Abel 
computer worm was found on a state Department of Motor Vehicles (DMV) 
server during a routine security check last week. 

The state's Office of Information Technology said in a statement that 
no evidence has been found that indicates any user credit card 
information was accessed. Residents who used the state server for 
transactions were warned to keep an eye on their credit card 
transaction histories, but state officials said no illegal credit card 
use has been reported. The server held only credit card numbers, with 
no other personal information. 

New Hampshire state CIO Richard C. Bailey Jr. said it is still not 
clear how the worm -- a variation of a legitimate application, the 
Cain & Abel password recovery program for Microsoft products -- was 
placed on the server. That could have been done from inside the 
state's system or over the Internet. No other instances of the worm 
have been found on other servers in the state network, Bailey said. 

An unnamed employee at the state's Office of Information Technology 
(OIT) was placed on paid leave as part of the investigation, Bailey 
said. He declined to comment further. 

The worm was found during a routine security checkup as IT workers 
were evaluating a network intrusion system from Cisco Systems Inc., 
Bailey said. The Cisco Security Monitoring, Analysis and Response 
System appliance was used by the IT workers to look for anomalies, 
track them down and stop any threats, he said. 

The Cain & Abel worm could allow an intruder to watch activity on the 
server, according to the OIT. 

The affected server was taken last week by the FBI, which is 
conducting forensic analysis on it to try to determine how the worm 
was placed on it. In addition to being used by the state DMV, the 
server is also used by the New Hampshire Veterans Home and as a backup 
system for the state's Liquor Commission. The DMV and Veterans Home 
use the server to transmit financial information, while the Liquor 
Commission uses it as a backup system for sales transactions in state 
liquor stores. 

"As of yesterday, no one had reported an instance in which their 
credit card information had been compromised, which we're taking as a 
good sign," Bailey said. 

Pamela Walsh, a spokeswoman for the New Hampshire governor's office, 
said the ongoing investigation will probe whether the Cain & Abel worm 
was ever activated on the server to look at the stored credit card 
numbers. "We don't know at this point [that] it that actually 
happened," she said. 



_________________________________
InfoSec News v2.0 - Coming Soon! 
http://www.infosecnews.org
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] N.H. state server eyed in possible credit card data breach, InfoSec News <=
Previous by Date:  [ISN] DEF CON 14 is now in effect! The Call for Papers is open., InfoSec News
Next by Date:  [ISN] Convicted data thief gets eight years, InfoSec News
Previous by Thread:  [ISN] DEF CON 14 is now in effect! The Call for Papers is open., InfoSec News
Next by Thread:  [ISN] Convicted data thief gets eight years, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]