Several large US banks were attacked by hackers who appear to have used malware and a zero-day vulnerability to infiltrate networks and obtain corporate and customer data. At least five banks—only JP Morgan Chase was identified—were involved in the attacks, in which cybercriminals stole “gigabytes of customer data,” according to the anonymous sources cited by news outlets. However, it is unclear whether they took credit card or other account information. The fact that there have been no reports of money moved from accounts indicates the attack was politically motivated, according to a US government source. The US FBI, Secret Service, and National Security Agency are investigating the breaches. Initial investigations indicate the attacks were routed through computers in Latin America from servers that Russian hackers are known to use. Security vendor Trend Micro reported an uptick in attacks on US and European banks since 24 July 2014 from computers whose IP addresses appear to be in former Soviet bloc countries. JP Morgan Chase spokesperson Brian Marchiony declined comment on the recent incidents, saying only, “Companies of our size unfortunately experience cyberattacks nearly every day. We have multiple layers of defense to counteract threats and constantly monitor fraud levels.” In April, JPMorgan Chase CEO Jamie Dimon said the company was increasing its annual expenditures on security by 25 percent—to $250 million—compared to 2013. (CNN Money)(re/Code)(Bloomberg)
Thursday, September 18, 2014
Tuesday, June 3, 2014
Target CEO Resigns amid Continuing Data Breach Fallout
Department-store chain Target’s board of directors has announced the resignation of CEO Gregg Steinhafel, the latest move to occur in the wake of the huge 2013 data breach from which the company is still recovering. Steinhafel, a 35-year Target employee of the company who also served as its president and a board member, had said that he held himself personally accountable for the data breach. Chief financial officer John Mulligan is acting as interim CEO and president, and board member Roxanne S. Austin will serve as non-executive board chair. Steinhafel remains with Target in an advisory capacity. During the December 2013 breach, hackers stole credit- or debit-card information on up to 110 million people who purchased items at Target. Since then, Target has reported that its revenue during the Christmas 2013 shopping quarter was 5 percent less than in 2012. The company also reported paying $61 million in hacking-related expenses, with insurance covering $17 million. The company plans to use chip-and-pin technology from MasterCard in its new company-branded credit and debit cards, due for release in early 2015. (The Los Angeles Times)(Businessweek)(USA Today)(Target)
