Attackers in Asia compromise data for nearly 150k in California

Share this article:

Hackers said to be located overseas may have compromised the personal data of tens of thousands of California residents in a computer attack that dates back to March.

Among the sensitive information that may have been accessed are the names, addresses, dates of birth and Social Security numbers of 144,493 Monterey County residents.

Each of the affected received social services assistance payments through CalFresh, MediCal, CalWorks, and Foster Care between 2002 and 2009, Elliot Robinson, director of the county Department of Social Services, told on Friday.

The incident involved attackers using Remote Desktop Protocol to penetrate a password-protected computer not in use since 2009 and previously believed to have been shut down, Robinson said, adding the hack occurred on March 17 and officials were notified that same day.

“How it was identified was by the volume of traffic coming into the network,” Robinson said, explaining officials pulled the power cord on the computer after moderators identified unknown access coming into the machine.

Monterey County officials held back from announcing the incident due to an ongoing forensic examination, during which time computer investigators used brute force to gain entry into the computer because it had been out of use for so long, Robinson said.

The lengthy collaborative investigation between state and local officials revealed that it was a power surge that caused the still network-connected machine to power on, allowing penetrators access to the system, Robinson said.

The hackers are believed to be located overseas because one of the Internet Protocol (IP) addresses was traced to a location in Hong Kong and another to a location in South Korea, Robinson said, adding he is unaware of any arrests linked to the attack.

Letters have been sent to affected individuals, alerting them of the incident, and updated security measures are being implemented to prevent any similar incidents from occurring.

“We take the privacy of people who come to us for assistance very seriously and have worked with state network administrators to assure that the method of attack used to break into this computer can't be used again,” said Robinson in a statement. “Additionally, this computer was immediately taken offline and care was taken to assure all other social services computers were behind firewalls.”

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in News

Report: Stolen card data is crime that concerns Americans most

A recent Gallup Crime poll indicates that Americans' top two worries revolve around having credit card data stolen or their computer or smartphones compromised.

Phishing campaign passes off Pony Stealer trojan as 'overdue invoice'

The malware has previously been used to steal $220,000 worth of bitcoins from victims.

Popular Science served up Rig Exploit Kit on its website

The monthly science magazine served up malicious code to readers earlier this week and has remedied the issue.