Security News > 2006 > February > N.H. state server eyed in possible credit card data breach
http://www.computerworld.com/securitytopics/security/story/0,10801,108896,00.html By Todd R. Weiss FEBRUARY 22, 2006 COMPUTERWORLD The FBI, the Department of Justice and New Hampshire officials are investigating a potential security breach after the Cain & Abel computer worm was found on a state Department of Motor Vehicles (DMV) server during a routine security check last week. The state's Office of Information Technology said in a statement that no evidence has been found that indicates any user credit card information was accessed. Residents who used the state server for transactions were warned to keep an eye on their credit card transaction histories, but state officials said no illegal credit card use has been reported. The server held only credit card numbers, with no other personal information. New Hampshire state CIO Richard C. Bailey Jr. said it is still not clear how the worm -- a variation of a legitimate application, the Cain & Abel password recovery program for Microsoft products -- was placed on the server. That could have been done from inside the state's system or over the Internet. No other instances of the worm have been found on other servers in the state network, Bailey said. An unnamed employee at the state's Office of Information Technology (OIT) was placed on paid leave as part of the investigation, Bailey said. He declined to comment further. The worm was found during a routine security checkup as IT workers were evaluating a network intrusion system from Cisco Systems Inc., Bailey said. The Cisco Security Monitoring, Analysis and Response System appliance was used by the IT workers to look for anomalies, track them down and stop any threats, he said. The Cain & Abel worm could allow an intruder to watch activity on the server, according to the OIT. The affected server was taken last week by the FBI, which is conducting forensic analysis on it to try to determine how the worm was placed on it. In addition to being used by the state DMV, the server is also used by the New Hampshire Veterans Home and as a backup system for the state's Liquor Commission. The DMV and Veterans Home use the server to transmit financial information, while the Liquor Commission uses it as a backup system for sales transactions in state liquor stores. "As of yesterday, no one had reported an instance in which their credit card information had been compromised, which we're taking as a good sign," Bailey said. Pamela Walsh, a spokeswoman for the New Hampshire governor's office, said the ongoing investigation will probe whether the Cain & Abel worm was ever activated on the server to look at the stored credit card numbers. "We don't know at this point [that] it that actually happened," she said. _________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org
News URL
http://www.computerworld.com/securitytopics/security/story/0,10801,108896,00.html
Related news
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Texas Tech University System data breach impacts 1.4 million patients (source)
- Ireland fines Meta $264 million over 2018 Facebook data breach (source)
- New fake Ledger data breach emails try to steal crypto wallets (source)
- Meta Fined €251 Million for 2018 Data Breach Impacting 29 Million Accounts (source)
- 46% of financial institutions had a data breach in the past 24 months (source)
- Hackers steal ZAGG customers' credit cards in third-party breach (source)
- UN aviation agency investigating possible data breach (source)
- Washington state sues T-Mobile over 2021 data breach security failures (source)
- Thousands of credit cards stolen in Green Bay Packers store breach (source)