In this week's issue: the Department of Justice is investigating a potential data breach involving an ATF executive, banking malware is getting tougher to block, banks are seeing suspicious activity at Trump Properties locations, JPMorgan Chase has reassigned their CISO a year after data breach, and for this week's Rippleshot content, we look at how hackers steal credit card information and what they do with it after.
The Department of Justice (DOJ) is currently investigating an executive at the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) for allegedly accessing and downloading ATF employee information. Deputy Assistant Director for Strategic Intelligence and Information at ATF headquarters allegedly downloaded the personal information of other employees and sent the data from his work email to his personal email. At this time, the number of ATF employees affected by this security incident is still unknown. The ATF executive in question told CNN, “It appears somebody is actively seeking to damage my reputation.”
In light of the massive data breach involving the Office of Personnel Management, governmental entities are on high alert for future security incidents.
new study put out by security firm SecurityScorecard discovered more than 4,700 organizations were infected by some type of banking malware, leaving financial institutions at risk for future attacks. The study first started at the beginning of this year, where researchers uncovered 11,952 infections affecting 4,703 organizations, some of which are customers of SecurityScorecard. In the study, the most common banking malware types that were identified are known as Bebloh, Dridex and TinyBanker.
To download a copy of SecurityScorecard’s latest report on the current state of banking malware, click here.
Financial institutions across the U.S. are beginning to see fraudulent activity linked to the luxury hotel properties owned by Republican presidential candidate Donald Trump. According to several KrebsOnSecurity bank sources, Trump properties in Chicago, Honolulu, Las Vegas, Los Angeles, Miami and New York have been affected by a payment card breach dating back as far as February of 2015. If the data breach is confirmed to have impacted Trump properties, this would be the third publicly announced data breach involving a hotel chain and it’s restaurants. In March of this year, the Mandarin Oriental announced that they had breached, and a month later the White Lodging hotel franchise was breached for a second time in a year.
Nearly a year after JPMorgan Chase suffered a data breach that compromised the personal information of 76 million households and 7 million businesses, JPMorgan Chase has reassigned its security team leader. JPMorgan Chase’s former chief information security officer has been moved to a smaller role within the bank while his successor takes on the role of head of global cyber partnerships and government strategy.
Shortly after the breach was discovered, sources close to the situation revealed that cyber attackers gained access to the highest levels of administrative within JPMorgan Chase. This would’ve allowed an unprecedented look into the most secure and sensitive information within the bank, with ability to transfer funds, close accounts and disclose sensitive information.
Stay tuned as more information becomes available.
While the breadth of data being stolen in breaches has reached critical mass, the most valuable still remains payment card data - which is why many hackers still target it directly. Wondering how they do it? Follow along as we dive into the different ways fraudsters steal card information and how they then use it. Read more here.
SHARING IS CARING. TO GET YOUR FRIENDS AND COWORKERS SUBSCRIBED, SEND THEM HERE.