Bank

now browsing by tag

 
 

Duke #Energy #Vendor’s #Hack May Mean #Stolen Customer #Bank Info

Nearly 375,000 Duke Energy Corp. customers may have had personal and banking information stolen in a data breach.

The country’s largest electric company said Tuesday the customers paid a bill by check or cash at 550 walk-in payment processing centers in the Carolinas, Florida, Indiana, Ohio and Kentucky since 2008.

Those payments were processed by TIO Networks, which was hacked in an attack disclosed after the company was purchased in July by PayPal Holdings Inc. Duke Energy customers make up nearly a quarter of the 1.6 million TIO Network customers potentially compromised.

The personally identifiable information that may have been stolen from Duke Energy customers includes names, addresses, electricity account numbers and banking information if a customer paid power bills by check.

TIO Networks is sending letters to notify those affected.

View full post on National Cyber Security Ventures

Florida #man gets 16 months over #bitcoin bank #hacker scheme

Source: National Cyber Security – Produced By Gregory Evans

Florida #man gets 16 months over #bitcoin bank #hacker scheme

NEW YORK – A Florida software engineer was sentenced to 16 months in prison for helping run an illegal Bitcoin exchange suspected of laundering money for a group of hackers who targeted financial and publishing firms including JPMorgan Chase & Co. and Dow Jones & Co.

Yuri Lebedev, 39, helped operate Coin.mx, which tricked banks into processing bitcoin transactions by disguising them as restaurant-delivery charges and online purchases of collectible items. He was convicted in March of conspiracy and fraud following a month-long trial in Manhattan.

Lebedev, wearing a black suit, stood before sentencing to tell the judge he regretted his actions. He said he joined Coin.mx to create “cutting edge technology” and build something “that would make me exceptional.”

“I got carried away,” he said, adding he realizes now “there are no shortcuts.”

U.S. District Judge Alison J. Nathan in New York said Lebedev used his “impressive technology skills” to trick banks, making them “unwilling participants in the scheme.”

Prosecutors said the unregistered exchange sold bitcoins that were used in illegal online transactions and as payment in ransomware attacks. To help dodge regulators, Lebedev also conspired with his boss to bribe a New Jersey pastor to let them take over a credit union that was run out of a church and use it to help legitimize the exchange’s corrupt operations.

The operator of Coin.mx, Anthony Murgio, was sentenced to 5½ years in June. He admitted in January that he ran Coin.mx for the hacking scheme’s main Israeli architect, Gery Shalon, the self-described founder of a sprawling criminal enterprise that hacked at least nine companies.

Lebedev was born in Russia and raised in Ukraine before moving in with a host family in the U.S. state of Georgia. His attorney, Eric Creizman, cited the wide-ranging nature of the scheme to portray his client as a husband and doting father of three who was been caught up in something too big for him to recognize. In court papers, he described Lebedev as an “unlikely criminal defendant.”

“This case in which Lebedev was tried and convicted as a defendant involved a far broader scope of criminality than the conduct that Lebedev purposefully involved himself in or even knew about,” Creizman said in a court filing.

Lebedev wasn’t accused of money laundering and wasn’t involved in the hacking scheme. Creizman emphasized his technology role and said he wasn’t involved in the three-way calls with banks in which customers lied about the nature of their transactions.

Family and friends sent letters to the court supporting Lebedev, all of which described him as a man devoted to hard work and to giving his children the kind of opportunities he didn’t have in Ukraine. His host family described how Lebedev tutored their child in math, while a college friend relayed how Lebedev washed dishes to avoid using a credit card for living expenses like others did.

Shalon’s global network allegedly stole information on more than 100 million customers of banks and publishing firms and generated hundreds of millions of dollars in illicit proceeds from pump-and-dump stock scams and online gambling.

Murgio operated the exchange with Lebedev from about 2013 to 2015 through a front company, the Collectables Club Private Member Association, which lists Murgio’s West Palm Beach address, court papers show. At Murgio’s sentencing hearing, he wept and said he’d “screwed up badly.”

The men “knowingly exchanged cash for people whom they believed may be engaging in criminal activity,” the government said in court filings.

As part of the scheme, Lebedev was installed on the board of New Jersey-based HOPE Federal Credit Union to bribe Trevon Gross, a pastor who was convicted in the same case, to gain control of the credit union and use it to process corrupt bank transactions that would appear legitimate, court filings show. Gross hasn’t been sentenced.

“Lebedev was one of the handful of co-conspirators involved in the credit union’s processing of over $60 million in risky” transactions, prosecutors said in court papers.

Lebedev’s role was to set up an array of servers that Coin.mx used to process its transactions, a critical element of the scheme that required constant attention to avoid detection by the banks, the U.S. said.

“One of those critical issues that Lebedev handled was the use of separate servers to mislead banks and payment processors into thinking that Coin.mx bitcoin transactions were actually Collectables Club memorabilia and MyXtremeDelivery food transactions,” the U.S. said in court papers.

Lebedev also attempted to obstruct the case by deleting files from a computer, prosecutors said.

Shalon and his alleged top lieutenant, Ziv Orenstein, were arrested in Israel in July 2015 and extradited to the U.S. last year. They have pleaded not guilty. An American who allegedly conspired with them, Joshua Aaron, who attended Florida State University with Anthony Murgio, was detained by Russian authorities in 2015 and returned to the U.S. to face charges. He denies wrongdoing.

The post Florida #man gets 16 months over #bitcoin bank #hacker scheme appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Today’s bank heists aren’t what they used to be with the battle now fought out in cyberspace

Source: National Cyber Security – Produced By Gregory Evans

Today’s bank heists aren’t what they used to be with the battle now fought out in cyberspace

Bank heists aren’t what they used to be. With sophisticated underground networks of hackers able to remotely swipe millions from financial institutions within seconds, many now look back wistfully on the days when a bank robbery involved a getaway chase, fat wads of cash and a bandit eye mask.

“Cyber is now the tool of choice for significant financial crime: it is easier to dispose of the stolen assets and the crime is easier to get away with,” says Andrew Moir, head of global cyber security at law firm Herbert Smith Freehills. “Compare the $81m (£61m) Bank of Bangladesh cyber heist [stolen from the bank’s account at the US Federal Reserve last year] to the £25m Hatton Garden jewel raid.”

The City of London is eager to show it is a leader in the fight against computer crime, particularly as Brexit rumbles in the background and threatens London’s status as Europe’s financial centre.

Dominic Raab, the justice minister, said last month that a decision to open a new court in the City to focus on cyber crime was a “terrific advert for post-Brexit Britain” while Catherine McGuinness, the City’s top official, is heading to Israel to meet cyber security experts and academics, with the aim of mirroring Tel Aviv’s success in attracting start-ups.

“[It’s] the first time we’ve made a trip like this, there is a fresh focus on cyber from us as an organisation,” Ms McGuinness made clear, adding that she will be looking at potential partnerships with specialists in Israel. She uses the new court, which is being funded by the City of London Corporation and will be based in the Square Mile, as an example for how the UK is keeping up with financial crime in the 21st century.

The UK was the target of one in eight cyber attacks in Europe between January and September last year, according to research from cyber security firm FireEye. No wonder then that the City is ploughing money into the issue – all too aware that finance is among the most targeted industries. The UK’s National Cyber Security Centre has dealt with more than 600 “significant” cyber attacks since it was opened just a year ago by the Government Communications Headquarters (GCHQ), and today is hosting a summit for EU member states to share what it has learnt.

Few are aware of the importance of tackling this issue more than Robert Hannigan, the former GCHQ boss who joined the intelligence agency just after the Edward Snowden scandal in 2014 and left earlier this year. Credited with preparing the UK for a new era of cyber challenges (he was behind the launch of the cyber centre), he is now advising businesses on how to prepare for future risks.

“Attacks used to be very crude misspelled [emails], now they are sophisticated – we have seen criminals researching targets, seeing where a CEO’s children go to school so an email looks like it comes from there,” he says, illustrating how hard it can be to spot a red flag. “These aren’t teenagers in a bedroom, these are seriously organised groups. They’ve taken the internet and gig economy model and hire people in.”

Having been Tony Blair’s adviser on Northern Ireland peace talks and a former director general of defence and intelligence at the Foreign Office, Mr Hannigan has seen first hand the changes in the way criminal gangs operate. Many have grown up with the internet, and with technology moving so fast one of the biggest challenges is trying to forecast what the techniques will be in 10 or 20 years, he says.

Trying to make that prediction will require a lot more specialists than are currently available. The UK has a shortage of experts, with start-ups competing to recruit convicted hackers for expertise. Lobby group TheCityUK told The Daily Telegraph this year that it wants to see cyber schools in each UK city with a big financial services presence so that institutions aren’t scrabbling for talent, with plans to transform Bletchley Park – used to crack codes in the Second World War – into the UK’s first National College of Cyber Security delayed by a year. Part of Ms McGuinness’s trip to Israel this week will be about learning how to draw cyber entrepreneurs to the UK.

Mr Hannigan, who is currently advising Lloyd’s of London insurer Hiscox on potential cyber risks ,warns that, while the finance sector is miles ahead of many others in terms of cyber security and awareness, institutions can be “naive” when it comes to state-linked cyber threats with many underestimating the extent to which some countries work with crime groups.

“As state and crime threats merge in some areas, that’s something which needs more work,” he said, using North Korea as an example. “Institutions tend to think that states wouldn’t want to damage the international financial system which they have a stake in, but of course North Korea doesn’t have a stake in it and doesn’t really care.

“That crossover of crime and state is here to stay. I think, thinking beyond fraud and crime, companies need to think about the motives of states that might want to access their data. Financial institutions hold very personal data about millions of people.”

“Cyber crime certainly is capable of causing the next financial crisis – anything that undermines confidence in the banking system could have that effect,” adds Mr Moir, underlining the severity of a potential attack. “Suppose hackers penetrate a bank’s systems and manipulate balances or mortgages so they can no longer be trusted?”

 

The post Today’s bank heists aren’t what they used to be with the battle now fought out in cyberspace appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Toledo business owner says former employee hacked computers, bank accounts

Source: National Cyber Security – Produced By Gregory Evans

TOLEDO, OH (WTOL) – A Toledo business owner says a disgruntled worker brought his business to a halt following a cyber attack on the company’s computers, phones and bank accounts. “Its just not fair for somebody to be that malicious. And for what?” Jacob Lewandowski, owner Jacob’s Ladder Handyman Service…

The post Toledo business owner says former employee hacked computers, bank accounts appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Legendary hacker Kevin Mitnick shows bank hacking at summit

Source: National Cyber Security – Produced By Gregory Evans

It seems like even the largest Internet companies cannot prevent security breeches on its own anymore, as experts around the world gather in Beijing to call for deeper and wider cooperation against hacking attempts like the WannaCry incident. The experts are attending the two-day Cyber Security Summit 2017 at the…

The post Legendary hacker Kevin Mitnick shows bank hacking at summit appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers Target Your Mobile Bank App; You Can Fight Back

Hackers Target Your Mobile Bank App; You Can Fight BackSource: National Cyber Security – Produced By Gregory Evans BRAVE NEW BANK This NerdWallet series delves into what’s new in retail banking and what’s in it for you. We explore some of the surprising things in store for products, tech and security and look at how they’ll affect consumers. By 2021, millions more of us […] View full post on AmIHackerProof.com | Can You Be Hacked?

The Cybercrime Scheme That Attacks Email Accounts And Your Bank Accounts

Source: National Cyber Security – Produced By Gregory Evans

Cybercrime is ever present, and there is one particular fraud we all should be aware of—particularly anyone who sends or receives bank wiring instructions or the funds themselves. The fraud involves the hacking or impersonating of email accounts, it might be called business email compromise (BEC) fraud, CEO fraud, or…

The post The Cybercrime Scheme That Attacks Email Accounts And Your Bank Accounts appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers steal information on 400,000 customers of Italy’s biggest bank

Source: National Cyber Security – Produced By Gregory Evans

Italy’s largest lender, UniCredit, has blamed an unnamed “third-party provider” for two security breaches where hackers have managed to steal information related to the personal loans of some 400,000 customers. UniCredit explained in a statement that the two breaches occurred between September-October of 2016 and June-July of this year. In…

The post Hackers steal information on 400,000 customers of Italy’s biggest bank appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

SWIFT hackers steal US$10million from a Ukrainian bank

Source: National Cyber Security – Produced By Gregory Evans

The Information Systems Audit and Control Association (ISACA) announced that hackers have exploited the financial system called Society for Worldwide Interbank Financial Telecommunications (SWIFT), helping them steal US$10million from a Ukrainian bank. SWIFT is a worldwide banking messaging system that controls money transfers between financial institutions around the world. The…

The post SWIFT hackers steal US$10million from a Ukrainian bank appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures