Tag Archives: Cyber attack

Over 1000 Wendy’s Restaurants Hit by Credit Card Hackers

Posted on July 11, 2016 | Leave a comment

Wendy's

The Popular fast-food restaurant chain Wendy’s on Thursday admitted that a massive cyber attack had hit more than 1,000 of its restaurants across the country.

The burger chain did not speculate how many people may have been affected, though it did confirm that the hackers were able to steal its customers’ credit and debit card information.

The data breach is more than three times bigger than initially thought.

The original data breach was believed to have affected “fewer than 300” of its 5,144 franchised locations in the United States when the malware was discovered in May.

The Malware had been installed on Point-of-Sale (POS) systems in the affected restaurants and was able to obtain cardholder’s name, payment card number, expiration date, service code, cardholder verification value, among other data.
wendy-data-breach

The data breach began in fall 2015 and discovered in February this year, and the company went public with in May.  Just last month, Wendy’s said the company learned of a second malware variant that had infected its systems and disabled it from all locations.

The company is now offering one year of “complimentary” fraud protection services to affected customers.

Wendy’s has blamed a third-party for the cyber attack, saying a “service provider” had its remote access credentials compromised that allowed attackers to deploy malware remotely to some franchisees’ POS systems.

Once identified, the US burger chain found a method of disabling the malware and has done so at all affected locations. Customers can see the list of affected locations through Wendy’s website.

So, if you have used your debit or credit card at Wendy’s restaurant early this year, you are advised to keep a close eye on your bank account statements.

 

Leave a comment

Posted in Cyber Security, Data Breach, Hacks

Tagged ,

Hackers demand ransom payment from Kansas Heart Hospital for files

Posted on May 24, 2016 | Leave a comment

WICHITA, Kan. A hospital held hostage by hackers and denied access to its files until it pays a ransom. It’s a crime that’s been reported across the country, and now it’s happened in Wichita.

It’s called “ransomware” – hackers hijack your computer and hold the data until you pay up.

The Kansas Heart Hospital is the latest victim of this attack.

The hospital’s president, Dr. Greg Duick, says the hackers never got access to patient information, but the attack did cause problems.

“Kansas Heart Hospital had a cyber attack occur late Wednesday evening,” Duick said. “We suspect, as attacks other parts of the country, this was an offshore operation,” he said.

Duick says hackers holding hospital files hostage is very common.

“Upwards of 45% of hospitals have received some kind of cyber attack. And multiple hospitals had additional attacks,” he said.

About 9pm Wednesday, a hospital employee lost access to files.

“It would be like you’re working on your computer and all of a sudden, your computer says, sorry can’t help you anymore,” Duick said. “It became widespread throughout the institution.”

Hackers got into the system, and locked up the files, refusing to give back access unless the hospital paid up.

“I’m not at liberty because it’s an ongoing investigation, to say the actual exact amount. A small amount was made,” Duick said.

But even after the hospital paid, the hackers didn’t return full access to the files. Instead, they demanded another ransom. The hospital says, it will not pay again.

“The policy of the Kansas Heart Hospital in conjunction with our consultants, felt no longer was this a wise maneuver or strategy,” Durick said.

The hospital was aware that an attack like this might happen, and it did have a plan

“That plan went into immediate action. I think it helped in minimizing the amount of damage the encrypted agent could do,” Durick said.

“The patient information never was jeopardized and we took measures to make sure it wouldn’t be,” he said.

Durik also says the attack never impacted patient treatment and will help the hospital strengthen its response to future hackers.

Ransomware is so common that many hospitals, Kansas Heart, have insurance to help cover costs of cyber extortion.

The hospital is working with it’s IT team and security experts restore the rest of the system.

Hospitals have become a favorite target of the ransomware scam. Earlier this year 10 Medstar facilities in the Washington region were part of a cyber attack that prompted the health care provider to shut down it’s computer system.

Also in February a California hospital paid $17,000 in ransom to regain access to its medical records.

http://www.kwch.com/content/news/Hackers-demand-ransom-payment-from-Kansas-Heart-Hospital-380342701.html

 

 

Leave a comment

Posted in Cyber Security, Data Breach, Encryption, Hacking, Healthcare, Security

Tagged , ,

Here’s How Hackers Stole $80 Million from Bangladesh Bank

Posted on March 17, 2016 | Leave a comment

hacking-bank

The recent cyber attack on Bangladesh’s central bank that let hackers stole over $80 Million from the institutes’ Federal Reserve bank account was reportedly caused due to the Malware installed on the Bank’s computer systems.
Few days ago, reports emerged of a group of unknown hackers that broke into Bangladesh’s central bank, obtained credentials needed for payment transfers from Federal Reserve Bank of New York and then transferred large sums to fraudulent accounts based in the Philippines and Sri Lanka.
The criminal group was able to steal a total value of about $81 Million from the Federal Reserve’s Bangladesh account through a series of fraudulent transactions, but a typo in some transaction prevented a further $850 Million Heist.
However, the question was still there:
 
How the Hackers managed to transfer $80 Million without leaving any Trace?
Security researchers from FireEye’s Mandiant forensics are helping the Dhaka investigators to investigate the cyber heist.
Investigators believe unknown hackers installed some type of malware in the Bangladesh central bank’s computer systems few weeks before the heist and watched how to withdraw money from its United States account, Reuters reports.
Although the malware type has not been identified, the malicious software likely included spying programs that let the group learn how money was processed, sent and received.
The malware in question could be a potential Remote Access Trojan (RAT) or a similar form of spyware that gave attackers the ability to gain remote control of the bank’s computer.
The investigators suspect the hack could have exploited a “zero-day” flaw as they are unknown to vendors as well.
After this, the hackers were able to steal the Bangladesh Bank’s credentials for the SWIFT messaging system, a highly secure financial messaging system utilized by banks worldwide to communicate with each other.

“SWIFT and the Central Bank of Bangladesh are working together to resolve an internal operational issue at the central bank,” Belgium-based SWIFT said in a statement Friday. “SWIFT’s core messaging services were not impacted by the issue and continued to work as normal.”

Security experts hope that the malware sample will be made available to the security researchers soon so that they can determine whether the sample was truly advanced, or if Bangladesh Central Bank’s security protection was not robust enough to prevent the hack.
The Bangladesh Bank discovered weaknesses in its systems, which could take years to repair the issues though the Federal bank has denied any system compromise.

 

Leave a comment

Posted in Cyber Security, Data Breach, Hacking, Security

Tagged , ,

Data Breach at UC Berkeley Impacts 80,000

Posted on March 2, 2016 | 1 comment

It’s a New Year !!!

computerkeyboard450

Roughly 80,000 people might have been impacted by cyber attack that hit a UC Berkeley system containing Social Security and bank account numbers, the university warns.

UC Berkeley officials are sending alert notices to current and former faculty, staff, students and vendors after discovering that one of the university’s systems had been breached, but say that there’s no evidence that any personal information has been accessed, acquired, or used following the attack.

However, the university has decided to inform users who are possibly impacted by the breach to stay alert on any misuse of their information and to enroll into a credit protection service the campus is offering free of charge.

Authorities, including the FBI, have already been notified about the incident.

According to a post from Janet Gilmore, Public affairs at UC Berkeley, the attack occurred in late December 2015, when an unauthorized user gained access to portions of computers that are part of the Berkeley Financial System (BFS). The attacker(s) leveraged a security vulnerability that UC Berkeley was in the process of patching, Gilmore states.

The blog post explains that the BFS is a software application used for the management of financial operations such as purchasing and most non-salary payments. Of the 80,000 potentially impacted people, 57,000 are current and former students, about 18,800 are former and current employees, including student workers, and 10,300 are vendors who do business with the campus.

Due to the fact that some individuals belong into more than one category, the breach impacted more than 80,000 entries, and Gilmore explains that this includes approximately 50 percent of current students and 65 percent of active employees. She also explains that many of the people impacted by the breach include individuals who received payments from UC Berkeley through electronic fund transfers.

“For students, this often involved financial aid awards that they elected to receive by electronic fund transfer. For many faculty and staff, this involved reimbursements, such as work-related travel reimbursements. Vendors whose Social Security numbers or personal bank account numbers were in the system in order for payment to be issued are also potentially impacted,” Gilmore says.

UC Berkeley learned of the potential unauthorized access to data within 24 hours of its occurrence, and Gilmore notes that officials took prompt action by removing all potentially impacted servers from the network, thus preventing further access to them. Furthermore, the campus hired a computer investigation firm to assist with the investigation.

Last month, University of Virginia’s HR system was breached and attackers managed to access sensitive information, including W-2s and banking details of University employees. Also in January, a hacker proclaiming allegiance to the Islamic State jihadist group infiltrated the internal network of one of China’s top universities.

1 Comment

Posted in Cyber Security, Data Breach, Hacking, Hacks, Security, Technology

Tagged , ,