Hackers Breach Oregon Refuge Employee Data and Dump Car Breathalyzer’s Source Code
The Malheur National Wildlife Refuge near Burns, Ore., is seen from atop an old fire lookout on Friday, Jan. 15, 2016. A small, armed group has been occupying the refuge since Jan. 2 to protest federal land use policies. Keith Ridler/AP
Just another week in ThreatWatch, our regularly updated index of noteworthy data breaches.
In case you missed our coverage this week in ThreatWatch, Nextgov’s regularly updated index of cyber breaches:
Militia May Have Breached Federal Employee Data on Refuge Computers
Oregon Public Radio, while inside the Malheur National Wildlife Refuge compound, observed militants interacting with computers that can only be accessed with employee ID badges.
The incident coincided with the militia’s refusal Jan. 8 to leave the facility, which they have illegally occupied since Jan. 2.
LaVoy Finicum, a member of the occupying group’s security team, accidentally led the radio station into the computer room.
“After Finicum realized he shouldn’t have allowed OPB to access the room, he quickly picked up lists of names and Social Security numbers by the computers, and hid government employee ID cards that were previously in plain sight,” the station reported.
Because the militia potentially compromised personal information on employees -- including home addresses -- some workers have been advised to temporarily move elsewhere.
FTC Leaks Email Addresses of Privacy Conference Participants
The day before a forum on digital privacy, the Federal Trade Commission in a mass email sent to every registrant carbon copied the addresses of everyone.
The message advised participants to show up early to get a seat.
“A classic email blunder -- using the 'cc' function instead of the 'bcc' function -- in any normal situation, this particular mistake smacked of irony,” CNET writes.
FTC blamed the mishap on an unknown error with its email distribution list.
The agency sent a recall message and encouraged participants to delete the email so they wouldn't retain the list of addresses, which included more than 600 business people, academics, government workers and journalists. But the damage was already done.
"I find it surprising that FTC.gov team would not hide all of the email recipients on a blast in regards to a conference on ... digital security and best practices," wrote Shane Unrein, director of digital marketing and social media at an automotive company in Virginia, in a reply-all message to the agency's email. "Just saying :-/," he added.
Source Code of Car Breathalyzer Firm Allegedly Dumped Online
A hacker going by the handle ROR[RG] apparently posted internal documents of LMG Holdings and at least one of its subsidiaries -- LifeSafer, which describes itself as a leader in "ignition interlock technology." The tech prohibits a vehicle from starting if a required in-car breath test of the driver detects inebriation.
LifeSafer claims to have more than 70,000 of its devices installed across 46 states.
“LMG full data fucking ripped,” ROR[RG] posted on a hacker forum called Hell. The message was published within the past few days.
The site provides a link to a list of files, before adding “pay up or get [f*****]!,” suggesting the dump may have been part of an extortion scheme.
The contents include instruction manuals for modifying and assembling products, as well as detailed schematics of various goods. The documents describe the behind-the-scenes mechanics of LifeSafer's products. Some of the files date back to 2006, with one disclaiming “Unauthorized use, possession or duplication will result in Severe [sic]civil and criminal penalties.”
On top of this cache, several folders contain files that appear to be proprietary source code for various devices. One section of the dump, labeled as “FC100_Camera_Reference_Material,” includes supposed boot loaders and other code for the device.
Anonymous Accused of Posting Sacramento Officials’ Personal Data
Hackers protesting a Sacramento homeless policy are using social media to publicize the apparently private home addresses and phone numbers of members of the City Council. A separate dump contains city-issued email addresses for police department personnel and names of high-ranking police officials.
It’s unclear who posted the information on a website. But Twitter accounts associated with international hacking group Anonymous and the Operation Right to Rest movement linked to the information. Both groups are supporting activists trying to overturn an anti-camping ordinance.
Sacramento Police Chief Sam Somers Jr. said his department is looking into the postings. He said a lot of the information is accessible from public websites and a lot of personal data posted is inaccurate.