Hackers Attack Baltimore Personnel & Turner Construction Workers; FDIC Worker Accidentally Walks Out With Data


Just another week in ThreatWatch, our regularly updated index of noteworthy data breaches.

In case you missed our coverage this week in ThreatWatch, Nextgov’s regularly updated index of cyber breaches:

Fraudsters Stole Data on Baltimore City Employees

The security breach was detected when a "few dozen" city employees attempted to file tax returns and were rejected, according to officials.

Every employee, retiree and past employee could be affected, officials said. It is not clear when the data theft happened. 

"We have not seen it limited to a specific agency of city government," said Howard Libit, spokesman for Mayor Stephanie Rawlings-Blake.

In the meantime, city officials have shut down online access to payroll and tax information. An email went out on April 14 alerting all employees to the incident. 

Officials suspect information such as Social Security numbers, names and dates of birth was stolen.

Email Scam at Turner Construction Co. Affects Employees Nationwide

An unknowing employee sent personal and financial information on workers to a fraudulent email address, according to a notification a Turner attorney sent March 7, five days after the incident.

All employees who worked for Turner in 2015 are affected.

Turner currently has 5,600 employees in North America.

An employee mistakenly forwarded the employees' names and Social Security numbers, along with earnings and tax information, to a con artist.

Turner says it has provided the compromised data to the Internal Revenue Service, which has taken steps to monitor employees' tax accounts for suspicious activity.

Former Employee Mistakenly Takes FDIC Data with Him on the Way Out

An internal Federal Deposit Insurance Corp. memo says the information was downloaded to a personal storage device “inadvertently and without malicious intent.”

The former employee, who wasn’t identified, left the FDIC on Feb. 26, 2016, with the thumb drive. Using technology that tracks downloads to removable devices, the agency detected the breach Feb. 29, 2016.

The employee returned the device the next day. “The FDIC’s relationship with the employee has not been adversarial,” the March 18, 2016 memo said.

The notice does not state what information was taken, but does say the former employee had legitimate access to it “for bank resolution and receivership purposes.”

Congress was notified about the mistake because FDIC considered the breach to be a “major” incident under the Federal Information Security Modernization Act of 2014.

“The FDIC’s investigation does not indicate that any sensitive information has been disseminated or compromised,” the memo said.

Kylie Jenner Lip Kit Website Exposed Customer Data

The cosmetics website of the Kardashian sister has been inadvertently leaking personal information to other clients. 

Here's how the situation played out: When someone tried to log into the site, it sent them to an existing customer's account, revealing names, email addresses, personal addresses, order history, etc. Every time a customer refreshed the site, it sent them to another customer's account.

Customers of Kylie Cosmetics complained to her people. Her staff had no idea it was happening, and just made a quick, temporary fix, TMZ reported Monday, April 11. 

"A lot of people could have had their info compromised, because Monday was restock day for Kylie's Lip Kit -- which sold out immediately with over a million kits bought," according to TMZ.