ThreatReport: Global cybercriminal activityVANCOUVER, B.C. — The website of grocery store chain T&T Supermarket was hit with a cyberattack resulting in the exposure of 58,000 customer names, contact details, usernames and passwords. Website visitors also might have been tricked into downloading malicious software onto their computers.
ABILENE, KAN. – Cybercriminals stole $63,000 from the bank account of the car dealership, Green Ford Sales, after infecting the Windows PC of the company's controller with the data-stealing trojan Zeus. The company's bank, First Bank Kansas, has recovered all but $22,000 of the stolen funds.
BALTIMORE — A former employee of the city's Substance Abuse Systems treatment and prevention authority, who infiltrated the organization's computer network after being fired, was sentenced in the city's first computer hacking case. Walter Powell, 52, pleaded guilty to invading his former employer's computer system.
CHICAGO — Retail chain Michaels was recently hit with a second lawsuit over a point-of-sale skimming attack that affected stores in at least 20 U.S. states. The latest class action suit, filed in U.S. District Court in Illinois, claims the craft chain failed to secure its payment terminals and took too long to notify customers of the breach.
SEAL BEACH, CALIF.— The names and Social Security numbers of 300,000 individuals who applied for California workers' compensation benefits were posted online. The data was inadvertendly exposed by Southern California Medical-Legal Consultants, a company that helps medical providers recover workers' compensation insurance funds.
JAPAN – Parliament passed a law that sets penalties for convicted malware creators and purveyors. A guilty ruling can send virus writers to prison for up to three years and fine them as much as $6,200, while malware spreaders can receive two years behind bars and fines of $3,700. The law also permits cops to confiscate email communications of suspects from ISPs.
GERMANY – Two men, 18 and 23, were sentenced for using trojans to hack into computers of record executives that contained unreleased songs and photos belonging to popular musicians, including Lady Gaga and Kesha. The younger of the two intruders earned 18 months in prison, while the other received an 18-month suspended sentence.
U.K. – A 26-year-old York man was charged with trying to hack the internal system of Facebook. He was arrested following an investigation launched by the FBI and Metropolitan Police. The suspect was released on bail, but faces extradition to the United States, where he could receive up to 10 years in prison. No Facebook data was compromised.
RUSSIA – Two hackers are believed responsible for stealing more than $500,000 from bank accounts in Turkey. Authorities believe the men tricked users into installing keylogger trojans on their computers, which enabled the crooks to gain access to their bank accounts to conduct 265 fraudulent transfers between 2005 and 2007.
TURKEY – The hackivist collective Anonymous took credit for infiltrating and defacing 74 government websites as a protest to web-filtering regulations set to take effect in August. In June, Turkish authorities charged 32 people with ties to Anonymous following DDoS attacks. Both incidents are related to the group's so-called “AntiSec” movement.