Tuesday, January 19, 2016

Large Numbers of MIT Email accounts leaked

We have noted a large amount of MIT related email accounts showing up on Darknet forums and in leaks posted to Paste sites.

The information posted includes 98 accounts plus additional details. We consider the information verified, as several students and staff have confirmed it to us.

Sunday, January 17, 2016

Credit Suisse accounts start appearing online

We started noticing Credit Suisse accounts showing up online this evening. Our system that collects information on compromised accounts started alerting on accounts at the firm. It is not yet known whether the accounts detected are end-user accounts or corporate accounts.

Wednesday, January 13, 2016

State of Virginia DHRM fails to respond to notification

On 1-7-2016 a researcher who assists Jigsaw Security noted some issues with documents posted on the DHRM website. A PDF posted by this organization contained information that was obscured by black blocks, but the blocks were a separate image layer placed over the text rather than a true redaction: if you edit the document the blocks can be removed, and the original content is then visible.

The Jigsaw Security Operations Center sent a standard notification advising them of the issue, but they have not responded to the request.

As of the posting of this article the document remains on the web1.dhrm.virginia.gov website, and there has been no response from the contact, Nancy Tobin, identified as the document's author. Our email was not returned as undeliverable.

We can't show you the actual email because it would expose the actual issue, but we did what we could to notify them of the issue.

We notified them and followed up, but received no response.


So basically they tried to do the right thing by blocking out personally identifiable information in these documents, but the method used was inadequate: covering text with an overlay hides it on screen while leaving the text itself in the file.
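A check a publisher can run on a "redacted" PDF before posting it, added here as an example and not part of this post or of DHRM's process: parse the page content streams, record where each text run is drawn, record every filled rectangle drawn afterwards, and flag text whose start point lies under a fill. The sample document, the object layout and the sensitive string are all constructed for the demonstration; the parser assumes uncompressed content streams with literal `(...)` strings, which real-world files (FlateDecode streams, image overlays) usually do not satisfy, so the simpler and more general check is the last function: extract all text from the file you are about to publish and confirm the sensitive values are gone.

```python
import re

# Constructed sample (not the DHRM document): an uncompressed one-page PDF
# whose content stream draws two text lines and then fills a black box over
# the first. The text is still in the file; only its rendering is hidden.
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] /Contents 4 0 R >> endobj
4 0 obj << /Length 129 >>
stream
BT /F1 12 Tf 72 700 Td (Employee SSN 000-00-0000) Tj ET
BT /F1 12 Tf 72 650 Td (Public heading) Tj ET
0 0 0 rg 70 695 200 16 re f
endstream
endobj
trailer << /Root 1 0 R >>
%%EOF
"""

STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.S)
FILL_OPS = {b"f", b"F", b"f*", b"B", b"B*", b"b", b"b*"}  # path-painting ops that fill


def tokenize(content: bytes):
    """Split a content stream into ('str', bytes) literal strings and ('tok', bytes) items."""
    items, i, n = [], 0, len(content)
    while i < n:
        ch = content[i:i + 1]
        if ch.isspace():
            i += 1
        elif ch == b"(":  # literal string: honour backslash escapes and nested parens
            depth, j = 1, i + 1
            while j < n and depth:
                if content[j:j + 1] == b"\\":
                    j += 2
                    continue
                depth += {b"(": 1, b")": -1}.get(content[j:j + 1], 0)
                j += 1
            items.append(("str", content[i + 1:j - 1]))
            i = j
        else:
            j = i
            while j < n and not content[j:j + 1].isspace() and content[j:j + 1] not in (b"(", b")"):
                j += 1
            items.append(("tok", content[i:j]))
            i = j
    return items


def analyse(pdf: bytes):
    """Return (text_runs, fills): runs are (seq, x, y, text), fills are (seq, x, y, w, h).

    seq is the drawing order, so a fill only hides a run drawn before it.
    Only translation (Td/Tm) is tracked; rotation and scaling are ignored.
    """
    runs, fills, pending, seq = [], [], [], 0
    for stream in STREAM_RE.findall(pdf):
        operands, x, y = [], 0.0, 0.0
        for kind, val in tokenize(stream):
            if kind == "str":
                operands.append(val)
                continue
            try:
                operands.append(float(val.decode("ascii")))
                continue
            except ValueError:
                pass  # not a number: treat as an operator (or a name we ignore)
            seq += 1
            if val == b"BT":
                x = y = 0.0
            elif val == b"Td" and len(operands) >= 2:
                x, y = x + operands[-2], y + operands[-1]
            elif val == b"Tm" and len(operands) >= 6:
                x, y = operands[-2], operands[-1]
            elif val in (b"Tj", b"'") and operands and isinstance(operands[-1], bytes):
                runs.append((seq, x, y, operands[-1].decode("latin-1")))
            elif val == b"re" and len(operands) >= 4:
                pending.append(tuple(operands[-4:]))
            elif val in FILL_OPS:
                fills.extend((seq, *r) for r in pending)
                pending = []
            elif val == b"n":  # path discarded without painting
                pending = []
            operands = []
    return runs, fills


def covered_by(run, fill):
    """True if the run starts inside the fill and the fill was drawn after it."""
    rseq, x, y, _ = run
    fseq, rx, ry, w, h = fill
    x0, x1 = sorted((rx, rx + w))
    y0, y1 = sorted((ry, ry + h))
    return fseq > rseq and x0 <= x <= x1 and y0 <= y <= y1


def text_under_fills(pdf: bytes):
    """Text that is still in the file but visually hidden by a later filled box."""
    runs, fills = analyse(pdf)
    return [run[3] for run in runs if any(covered_by(run, f) for f in fills)]


def all_text(pdf: bytes):
    """Every text string the file still carries, regardless of what covers it."""
    return [run[3] for run in analyse(pdf)[0]]


if __name__ == "__main__":
    for hidden in text_under_fills(SAMPLE_PDF):
        print("NOT REDACTED, only covered:", hidden)
```

Running the block on the constructed sample reports the SSN line as covered but not removed, while the heading is untouched. A true redaction tool rewrites the content stream so that `all_text` no longer returns the sensitive string at all; that absence, not the presence of a black box, is the property to verify before publishing.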

It is unknown whether the individuals affected by this issue are still employed by the State of Virginia, as we have not received any response to our inquiry.

Hopefully bringing this information to light will prevent this type of information disclosure in the future, but the lack of response is troubling.

UPDATE:
As of 14 January, 2016 a response was received indicating that the issue is being corrected.

"DHRM takes any possible data breach very seriously, and we wanted to notify you that measures are being taken to address the issue:

· Removal of the referenced documents and links from DHRM's servers so that data is no longer exposed that might impact employee privacy and security;
· Software that has proper redacting capability supplied to users;
· Staff training introduced to ensure that no lapses will occur in the future.

Thank you for bringing this matter to our attention."

Friday, January 8, 2016

2 Big Stories Next Week

We are currently reviewing two issues, both confirmed exposures of PII and/or PHI data that we uncovered while reading user submissions this week. Both involve high-profile entities, neither of which has replied to our request for comment.

We have provided evidence of the issues to both and are awaiting any response.