Overview of Major Information Security Incidents: November 27 – December 3, 2017
The past week was marked by several high-profile incidents and data breaches that drew significant public attention. These included leaks of confidential data from the U.S. National Security Agency (NSA) and National Credit Federation, the mysterious disappearance of $655,000 worth of Verge cryptocurrency from the CoinPouch universal wallet, the publication of 1,300 Armenian Facebook users’ passwords online, and more. Below is a brief summary of the main information security events from November 27 to December 3, 2017.
1. NSA Data Leak and National Credit Federation Breach
The most notable event of the week was the discovery of confidential NSA data related to the classified U.S. Army Intelligence and Security Command project called Red Disk, found publicly accessible on an Amazon Web Services server. The Red Disk project was intended to be a customizable cloud system to support large-scale, complex military operations, providing soldiers in conflict zones with real-time data from the Pentagon, including satellite images and drone video feeds. However, due to system slowness and usability issues, the project was never fully implemented.
Misconfigured Amazon Web Services servers also led to a leak of 111 GB of confidential information from the National Credit Federation (NCF), including credit histories of its clients. While the breach affected a relatively small number of NCF clients (about 40,000), the server contained sensitive data, including reports from the three major credit bureaus: Equifax, Experian, and TransUnion.
2. Armenian Facebook Users’ Data Exposed
At the beginning of the week, information security expert Samvel Martirosyan reported the publication of email addresses and phone numbers belonging to Armenian Facebook users. According to Martirosyan, hackers likely managed to steal passwords. Although the attackers claimed to have compromised 4,000 passwords, the published list contained data for only 1,300 users.
3. Former DHS Employees Steal Personal Data
It was also revealed last week that former employees of the U.S. Department of Homeland Security (DHS) stole personal information—including names, Social Security numbers, and dates of birth—of approximately 246,000 DHS staff members. The perpetrators intended to use this data to develop and test a fake case management system, which they planned to sell to other government agencies.
4. CoinPouch Wallet Breach and Verge Cryptocurrency Theft
Operators of the CoinPouch universal cryptocurrency wallet disclosed details of a recent hack and theft of Verge (XVG) cryptocurrency totaling $655,000. The incident began in early November when a user reported missing funds from their wallet. After an initial investigation, the Verge support team concluded there was no hack. However, after CoinPouch developers implemented security measures for the Verge-specific node, users began reporting wallet malfunctions again. A subsequent investigation revealed that the node had indeed been compromised. As of now, neither CoinPouch nor Verge developers have determined exactly how the breach occurred.
5. Clarksons Shipping Broker Hacked
Last week, the world’s largest shipbroker, the UK-based company Clarksons, fell victim to hackers. The attackers breached the company’s computer systems, stole confidential data, and demanded a ransom, threatening to publish the stolen information if their demands were not met. Clarksons refused to pay the extortionists.
6. Europol Busts International Skimming Network
At the end of the week, Europol announced the takedown of an international skimming network and the seizure of over 1,000 counterfeit credit cards belonging to the criminals. During a joint operation, four Bulgarian citizens—allegedly the leaders of the group—were arrested. The group was reportedly responsible for installing skimmers on ATMs and using the stolen data to create fake cards and withdraw funds from ATMs outside Europe, including in Belize, Indonesia, and Jamaica.