Author Archive

If you are a Virginia resident there is a chance your medical records are being held hostage by a hacker that breached the Virginia Prescription Monitoring Program. He is demanding $10 million dollars to return the records he deleted when he breached their network. The original report of the breach from Wikileaks can be found here. Excellent coverage can be found in this Washington Post blog as well. 

Comments No Comments »

The Wall Street Journal is reporting that the $300 billion Joint Strike Fighter (JSF) project has been breached. Lockheed Martin,  Northrup Grumman and BAE Systems are all involved in the project although it is unclear what network or networks were breached. There are likely numerous nation-state entities that would love to get their hands on this type of national security information. The question in my mind is if those responsible are working directly for a nation-state entity or if they are hoping to sell the information off to the highest bidder. Either way it is scary stuff. 

Links:

Comments No Comments »

We reported on the Heartland Payment Systems breach yesterday. Today we are following up with a list of articles covering the breach. Information is still coming out and will be for a long time. That has not stopped the media from labeling this the biggest data breach of all time.

We will refrain from commenting on the breach until more solid facts emerge. We willcontinue to relay facts to our readers as they come.

Comments 4 Comments »

Just about every news site that tracks computing, networking or security is reporting on the Heartland Payment Systems breach. Check out this coverage from CNET. Details are still sketchy and still emerging as is always the case in early-stage data breach reporting. These things take a long time and a lot of man-hours to analyze. We will likely be hearing about this one for months on end, especially if early reporting is correct in the scope and duration of the breach.

People are suggesting that this breach could beat the TJX breach in terms of the number of credit card accounts exposed to the intruders (”unknown hackers” at this point). The sheer volume of transactions handled by Heartland (100 million a month) makes this a potentially damaging breach to many consumers.  However, the company itself does not even know as of yet how many unique cards it has processed transactions with over the year or more that the intruders were active on their network. 

Comments 2 Comments »

On BreachyBytes we most frequently focus on network security for enterprise networks. However I did stumble across an interesting article on Continuity Central that did a nice job breaking down the top ten threats to small and medium-sized businesses. Although these points are relevant to smaller businesses I think that many are applicable to large enterprises and home users as well. Here is their list:

  1. Insiders
  2. Lack of contingency plans
  3. Unchanged factory defaults
  4. The unsecured home
  5. Reckless use of public networks
  6. Loss of portable devices
  7. Compromised WebServers
  8. Reckless web surfing
  9. Malicious HTML e-mail
  10. Unpatched vulnerabilities open to known exploits

Read the article for more information.

Comments 15 Comments »