Hackers Take Special Ed Students’ Secrets, Book Marriott Hotel Room, and Deceive Snapchat Payroll Employee


Just another week in ThreatWatch, our regularly updated index of noteworthy data breaches.

In case you missed our coverage this week in ThreatWatchNextgov’s regularly updated index of cyber breaches:

Stolen Laptop Held Data on Hundreds of Md. Special Ed Students

The machine was taken from WestEd, a nonprofit organization that had assisted Montgomery County, Maryland, school system officials with a review of its special education processes and procedures.

The results of the review were issued in October. But the data remained on the hard drive of at least one WestEd computer. That laptop was pinched Nov. 3, when intruders broke into the organization’s D.C. offices and carted off five computers.

Organization officials said they did not immediately realize student information was in the laptop but discovered the loss as they conducted an investigation. Montgomery school officials say they were told of the problem Nov. 24. WestEd finalized a letter to parents in late December and mailed the notifications Jan. 5.

The laptop was password-protected and stored in an administrative assistant’s locked desk drawer. The affected data was in email attachments.

Montgomery County school officials say they had expected tighter controls on the student information.

“We are frustrated with their carelessness toward our records,” Montgomery schools spokesman Derek Turner said.

Elise Cohen, a Rockville parent with two sons who received two letters, was dismayed about the possibility of fraud, particularly for her teenager. “We’re concerned about any debt that could be incurred in his name and any of the other permutations of identity theft,” she said.

The data compromised included parent and student names, addresses, phone numbers, students’ birth dates, school status, disability, race, home language spoken, mediation and hearing outcomes, most-recent individualized education program meeting date and type, and school enrollment information. No Social Security numbers were included.

Alleged Serial Forger Arrested in Hotel Room Paid for With Fake ID

Antonio Moreno, 27, was found with personal details belonging to dozens of identity theft victims.

The bust took place back in January after someone called police and reported their stolen credit card was used to book a room.

Moreno was in the Marriott Hotel room with other individuals and police say the group had filched credit cards, checks and Social Security numbers.

Investigators found a laptop with instructions for creating credit cards.

The cops also found a printer and at least 50 documents containing personal information scraped from receipts and job applications at a Denny's restaurant.

Another suspect was found with a box of leasing paperwork from tenants of an apartment complex where the individual previously worked as a manager.

Payroll Staffer Lured Into Compromising Snapchat Employee Data

The high-tech provider of disappearing texts fell for a phishing scheme.

On Feb. 28, Snapchat disclosed that the data of some of its current and past personnel has been hacked. On Feb. 26, a scammer impersonated the company’s CEO, Evan Spiegel, and sent a phishing email asking for payroll information to an employee in that department.

Neither Snapchat’s security system, nor the employee realized it was a ploy, and the data was “disclosed externally,” the company explains.

Snapchat says it took action within four hours, adding it was an isolated phishing incident.

App user data and the company’s servers are safe, Snapchat says, still sensitive about the topic after a massive amount of data was leaked in late December 2013. 

ID Thieves Zero In On Cox Communications Employees

Names, email addresses, phone numbers and other information ostensibly relating to some 40,000 Cox Communications employees is currently for sale in the so-called Dark Web, a marketplace for stolen data and malware.

“Selling 40k personal details of cox employs [sic],” reads a listing on The Real Deal Market, an underground portal.

Motherboard says it “obtained” a relatively small sample of the data for verification purposes, containing information on 100 apparent employees and shared a copy of it with the targeted ISP.

The hacker advertising the data, who claims to be behind the breach, would not tell Motherboard how he or she gained access to Cox's systems, but indicated more data may have been stolen.

“Cox Communications is aware of this matter and the business-related information to which it relates,” Cox Communications spokesperson Todd Smith said in an email. “We’re taking this very seriously and have engaged a third-party forensic team to conduct a comprehensive investigation and are actively working with law enforcement.”

The names seem to correspond to real staff members, judging by employee profiles on LinkedIn and other websites.

(Image via /Shutterstock.com)