Phishing Scheme Leads Roundup
Hacker Stole IDs From Gov't Employees for Fraud
In this week's breach roundup, a Nigerian has pleaded guilty to a charge stemming from his involvement in a scheme that phished personal information from U.S. federal government employees. Also, Paytime Inc. says approximately 233,000 individuals have been potentially impacted by a recently reported breach.
Guilty Plea in Computer Hacking Scheme
Abiodun Adejohn of Nigeria has pleaded guilty to wire fraud conspiracy in connection with a computer hacking and identity theft scheme that defrauded vendors of nearly $1 million of office products after phishing e-mail log-in information from government employees.
The scheme consisted of using phishing attacks through fraudulent e-mails and websites that mimicked the legitimate e-mails and websites of U.S. government agencies, according to U.S. Attorney Paul Fishman in New Jersey. Employees of the government agencies visited the fake websites and provided their e-mail account usernames and passwords.
Adejohn and his conspirators used the stolen credentials to access the employees' e-mail accounts and to place fraudulent orders for office products, typically printer toner cartridges, in the employees' names from vendors who were authorized to do business with U.S. government agencies, Fishman says.
The vendors were then directed to ship the fraudulent orders to individuals in New Jersey and elsewhere to be repackaged and ultimately shipped to overseas locations, including Nigeria, controlled by Adejohn and his conspirators. Once the orders were received, Adejohn and his conspirators sold the toner cartridges to another individual on the black market for profit, prosecutors say.
Adejohn faces a maximum potential penalty of 20 years in prison and a $250,000 fine. Sentencing is scheduled for Sept. 9.
Paytime Breach May Impact 233,000
Paytime Inc., a payroll solutions company in Mechanicsburg, Pa., says approximately 233,000 individuals have been potentially impacted by a recently reported breach that affected user names and passwords related to its client service center (see: Hackers Break Into Payroll Solutions Firm).
"While the vast majority of the affected individuals reside in Pennsylvania, there are affected individuals in almost all 50 states," the company says in a statement provided to central Pennsylvania broadcaster WITF.
Paytime is working with third-party forensics experts and law enforcement to investigate the incident.
"As the investigations proceed, Paytime is providing notification to everyone who may have been affected, setting up a call center and support services, and informing state regulators," the company says in a statement sent to Information Security Media Group. Impacted individuals are being offered free credit monitoring and identity restoration services for one year. The company has also taken several security measures following the breach, including adding intrusion detection and monitoring systems.
Thumb Drive Stolen from Medical Office
St. Joseph Health in Irvine, Calif., says a thumb drive was stolen from its Santa Rosa medical office last week, potentially exposing information on nearly 34,000 patients.
The drive contained information on patients who received X-ray services at the office between Feb. 2, 2009 and May 13, 2014, a spokesperson for the organization told news outlet The Press Democrat. Compromised information includes names, gender, medical record numbers, dates of birth, date and time of service, area of body X-rayed, the X-ray technologist's name and the radiation level required to produce the X-ray.
The hospital is offering free credit monitoring and identity theft protection services for one year to impacted patients. St. Joseph Health did not immediately respond to a request for additional information.
Construction Books Publisher Hacked
Craftsman Book Company, a publisher of technical books for construction professionals, on May 27 discovered unauthorized activity on its website, prompting a message for users to change their passwords.
A hacker was able to break through password security on the Craftsman site Construction-Contract.net, says Gary Moselle, publisher and CEO of Craftsman Book Company, in a letter to the California Attorney General's office. No personal information is stored on that particular site, Moselle says. Through the use of an SQL injection attack, the hacker was able to access Craftsman-Book.com, a website hosted on the same server as Construction-Contract.net.
Once the hacker had access to Craftsman-Book.com, the intruder could view sensitive files, including customer names, billing addresses, credit card numbers and expiration dates, Moselle says.
As a result of the incident, the Construction-Contract.net website has been taken offline. Craftsman Book Company has also resolved several SQL injection vulnerabilities in its code.
News reports say that 11,000 customers were impacted by the breach. The company did not immediately respond to a request for additional information.