Just another week in ThreatWatch, our regularly updated index of noteworthy data breaches.
In case you missed our coverage this week in ThreatWatch, Nextgov’s regularly updated index of cyber breaches:
Supporters of Enrique Peña Nieto hacked opponents to help him win Mexico’s 2012 presidential election, according to one incarcerated Colombian coder who says he was part of the scheme.
Andrés Sepúlveda claims to have stolen data, installed malware and manipulated social media sentiment to get the job done.
Sepúlveda is serving a 10-year sentence for hacking crimes related to Colombia’s 2014 presidential election, when he tried to get right-wing opposition candidate Óscar Iván Zuluaga into office. After several attempts on his life, Sepúlveda reportedly chose to go public about his dirty work so he can win support for a reduced sentence, writes the Guardian.
According to the Guardian's synopsis, Sepúlveda reportedly was given a $600,000 budget to undermine the campaigns of Peña Nieto’s two main opponents on both sides of the political spectrum: the ruling National Action party (PAN)’s Josefina Vázquez Mota and the Democratic Revolution party (PRD)’s Andrés Manuel López Obrador.
Sepúlveda’s team installed malware in routers in the headquarters of the PRD candidate, which let him tap the phones and computers of anyone using the network, including the candidate. He took similar steps against PAN’s Vázquez Mota. When the candidates’ teams prepared policy speeches, Sepúlveda had the details as soon as a speechwriter’s fingers hit the keyboard. Sepúlveda saw the opponents’ upcoming meetings and campaign schedules before their own teams did.
Money was no problem. At one point, Sepúlveda spent $50,000 on high-end Russian software that made quick work of tapping Apple, BlackBerry, and Android phones.
Verizon Enterprise Solutions, a unit of the telecommunications giant that responds to corporate data breaches, is reeling from its own data breach involving the theft and resale of customer details.
The week of March 20, a Dark Web denizen put up for sale a database containing the contact information for some 1.5 million customers of Verizon Enterprise.
The seller is offering the database in multiple formats, including the MongoDB platform, so it seems likely the attackers somehow forced the MongoDB system to dump its contents.
Interested ID thieves can own the whole database for $100,000 or buy it in chunks of 100,000 records for $10,000 each.
“Buyers also were offered the option to purchase information about security vulnerabilities in Verizon’s website,” KrebsOnSecurity reports.
A notorious hacker who goes by “Weev” says he transmitted the pages to every Internet-accessible printer in North America.
Covered in swastikas, the fliers, which seemed to appear spontaneously on more than a dozen college printers, including those at Princeton University, mentioned “the struggle for global white supremacy.”
Weev, whose real name is Andrew Auernheimer, said he did not specifically target college campuses.
The fliers directed readers to The Daily Stormer, a neo-Nazi website. Auernheimer said free speech was the motivation behind his printing spree: “White cultures and only white cultures are subject to an invasion of foreigners.”
Auernheimer said he carried out the attack from his home in Abkhazia, a breakaway region of Georgia. He said he was able to print the fliers to at least 20,000 printers across the United States, exploiting vulnerable devices with Internet addresses publicly available online.
Princeton University officials said they believe someone was able to learn the unique Internet addresses of university printers and sent the document as part of a coordinated attack. Any networked printer is potentially vulnerable to such a breach if a computer user is able to hack into the network or learn its specific address.
Nicholas Perring, of Olympia, Washington, is suspected of breaking into four offices, all within the same building, on two different days. The hard drives allegedly stolen have not been recovered.
The burglaries showed no signs of forced entry. A female former office employee who was fired for stealing had pawned several items matching the descriptions of those taken from the offices. Perring is the woman’s boyfriend, and detectives say he also had pawned several items.
The offices belong to the Department of Health and Human Services Office of Child Support Enforcement, the National Federation of Independent Business, the Federal Highway Administration and Lightspeed Retail.
The first burglary occurred Feb. 5. Several items were taken, including about $600 and two external hard drives from the Office of Child Support Enforcement. Each hard drive contained between 2 million and 5 million individual profiles, which include people’s names, birth dates, Social Security numbers, addresses and phone numbers.
Perring, 28, also allegedly took a government credit card, a laptop, two thumb drives, an iPod, office supplies and a running bra from the Office of Child Support Enforcement.
A television remote and a magnifying glass were taken from the National Federation of Independent Business.
On March 7, a second burglary was reported in the building. A camera, a backpack and $39 were taken from the Federal Highway Administration, and two laptops, a computer camera, a Super Nintendo and three Nintendo games were taken from Lightspeed Retail.