Hackers Breach Oregon Refuge Employee Data and Dump Car Breathalyzer’s Source Code

The Malheur National Wildlife Refuge near Burns, Ore., is seen from atop an old fire lookout on Friday, Jan. 15, 2016. A small, armed group has been occupying the refuge since Jan. 2 to protest federal land use policies.

The Malheur National Wildlife Refuge near Burns, Ore., is seen from atop an old fire lookout on Friday, Jan. 15, 2016. A small, armed group has been occupying the refuge since Jan. 2 to protest federal land use policies. Keith Ridler/AP

Just another week in ThreatWatch, our regularly updated index of noteworthy data breaches.

In case you missed our coverage this week in ThreatWatchNextgov’s regularly updated index of cyber breaches: 

Militia May Have Breached Federal Employee Data on Refuge Computers

Oregon Public Radio, while inside the Malheur National Wildlife Refuge compound, observed militants interacting with computers that can only be accessed with employee ID badges.

The incident coincided with the militia’s refusal Jan. 8 to leave the facility, which they have illegally occupied since Jan. 2.

LaVoy Finicum, a member of the occupying group’s security team, accidentally led the radio station into the computer room.

“After Finicum realized he shouldn’t have allowed OPB to access the room, he quickly picked up lists of names and Social Security numbers by the computers, and hid government employee ID cards that were previously in plain sight,” the station reported.

Because the militia potentially compromised personal information on employees -- including home addresses -- some workers have been advised to temporarily move elsewhere.

FTC Leaks Email Addresses of Privacy Conference Participants

The day before a forum on digital privacy, the Federal Trade Commission in a mass email sent to every registrant carbon copied the addresses of everyone.

The message advised participants to show up early to get a seat.

“A classic email blunder -- using the 'cc' function instead of the 'bcc' function -- in any normal situation, this particular mistake smacked of irony,” CNET writes.

FTC blamed the mishap on an unknown error with its email distribution list.

The agency sent a recall message and encouraged participants to delete the email so they wouldn't retain the list of addresses, which included more than 600 business people, academics, government workers and journalists. But the damage was already done.

"I find it surprising that FTC.gov team would not hide all of the email recipients on a blast in regards to a conference on ... digital security and best practices," wrote Shane Unrein, director of digital marketing and social media at an automotive company in Virginia, in a reply-all message to the agency's email. "Just saying :-/," he added.

Source Code of Car Breathalyzer Firm Allegedly Dumped Online

A hacker going by the handle ROR[RG] apparently posted internal documents of LMG Holdings and at least one of its subsidiaries -- LifeSafer, which describes itself as a leader in "ignition interlock technology." The tech prohibits a vehicle from starting if a required in-car breath test of the driver detects inebriation.

LifeSafer claims to have more than 70,000 of its devices installed across 46 states.

“LMG full data fucking ripped,” ROR[RG] posted on a hacker forum called Hell. The message was published within the past few days.

The site provides a link to a list of files, before adding “pay up or get [f*****]!,” suggesting the dump may have been part of an extortion scheme.

The contents include instruction manuals for modifying and assembling products, as well as detailed schematics of various goods. The documents describe the behind-the-scenes mechanics of LifeSafer's products. Some of the files date back to 2006, with one disclaiming “Unauthorized use, possession or duplication will result in Severe [sic]civil and criminal penalties.”

On top of this cache, several folders contain files that appear to be proprietary source code for various devices. One section of the dump, labeled as “FC100_Camera_Reference_Material,” includes supposed boot loaders and other code for the device.

Anonymous Accused of Posting Sacramento Officials’ Personal Data

Hackers protesting a Sacramento homeless policy are using social media to publicize the apparently private home addresses and phone numbers of members of the City Council. A separate dump contains city-issued email addresses for police department personnel and names of high-ranking police officials.

It’s unclear who posted the information on a website. But Twitter accounts associated with international hacking group Anonymous and the Operation Right to Rest movement linked to the information. Both groups are supporting activists trying to overturn an anti-camping ordinance.

Sacramento Police Chief Sam Somers Jr. said his department is looking into the postings. He said a lot of the information is accessible from public websites and a lot of personal data posted is inaccurate.

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.