Hackers Steal from Bank to Give to Poor ISIS Fighters, Send Junior High Classmates Porn, Expose N.M. DWI Patients

In case you missed our coverage this week in ThreatWatch, Nextgov’s regularly updated index of cyber breaches

Robin Hood Hacker Donates Stolen Bitcoin to ISIS Fighters

A hacktivist has sent $10,000 worth of allegedly stolen virtual currency (25 bitcoins) to Rojava, an autonomous region in northern Syria the hacker describes as "one of the most inspiring revolutionary projects in the world today."

The donor, who goes by the aliases "Phineas Phisher," "Hack Back!" and "@GammaGroupPR," declined to name the victims of the bitcoin heist, saying he'd "rather not yet, since there's hopefully a few orders of magnitude more on the way."

Rojava suffers from something of an identity crisis. On the one hand, according to America, it is a haven for terrorists within the PKK, or Kurdistan Workers' Party -- but it is at war with terrorist group ISIS and obeys a constitution that mandates gender equality and religious freedom.

Cut off from foreign trade by the conflict with ISIS and a hostile Turkey, the region is struggling to feed itself, and seeks donations to purchase farm equipment, according to its crowdfunding page.

The hacktivist is claiming the bitcoin donation, which is recorded publicly on the blockchain ledger and listed on the crowdfunding campaign page, came from hacking into a bank.

“The money did come from robbing a bank,” Fisher wrote in a Reddit post Wednesday. “Bank robbing is more viable than ever, it’s just done differently these days.”

Middle Schooler Uses Hacked Teacher’s Email to Send Classmates X-Rated Material

The Highland Junior High pupil obtained access to a teacher's login information and emailed "inappropriate images" to other students, said Irene Mahoney-Paige, director of communications for Gilbert Public Schools in Arizona. 

She could not confirm how the student gained access to the illicit pictures, but did say all district computers are equipped with the "strongest content-filtering and -monitoring solutions" to prevent students from obtaining inappropriate material at school.

The technology department quickly disabled teacher and student accounts.

"Teachers and staff actively monitor students' computer use," Mahoney-Paige said. "We also provide all students with instruction related to appropriate online behaviors including interacting with other individuals online."

The school’s principal sent the following May 14 letter to parents and students:

Dear HJHS Parents and Students,

I am sorry to report that one of our teachers, Sarita Kulkarni, had her Gilbert Public Schools email account hacked into tonight. There were two very inappropriate messages sent out to her students without her knowledge before district could deactivate her account. If you or your child received one of these email messages, please delete it immediately without opening. We are working on suspending all our student accounts right now to prevent further students from viewing these messages.

Gilbert Public Schools takes situations such as this very seriously. I have reported the crime to the Mesa Police Department and also the FBI since they are the ones who handle all internet fraud. If you have any information regarding this crime, please contact us as quickly as possible so we can report it to the proper authorities.

Again, I am sickened by this horrible act and am working as diligently as possible to take care of the situation. Your continued support is appreciated.

Sincerely,

Marcie Taylor
HJHS Principal

Hack Might Have Exposed Records on New Mexico DWI Patients

Participants in San Juan County treatment programs may have had their personal information stolen when a government computer was hacked earlier in March or May of this year.

The attackers gained access to the county machine at a treatment center for less than 30 minutes, and officials aren't certain if the names, addresses and health records inside the system were actually stolen. 

Still, officials fear the information could be used to open credit card and bank accounts, if it was copied. 

Researchers were not able to trace the act to a particular individual or organization.

California Jail Says Prisoner Health Records Potentially In Wrong Hands

California Correctional Health Care Services disclosed May 13 a laptop was stolen and it may contain personal information of patients. 

The machine was taken from an employee's vehicle Feb. 25. 

An investigation into the incident ended April 25.

The laptop might have held records on California Department of Corrections and Rehabilitation patients incarcerated between 1996 and 2004.

The agency is attempting to notify all individuals potentially affected, but the contact information on file may not be up to date.