Hackers Rape Car Dealership Customer, Change 'Game of Thrones' Dialogue on Reddit; Gitmo Accidentally Leaks Classified Intel

In case you missed our coverage this week in ThreatWatch, Nextgov’s regularly updated index of cyber breaches.

Woman Alleges Rapist Tracked Her Down Through Car Dealership Database

Karen Sommers has filed a lawsuit in Orange County Superior Court that contends, in 2005, Travis Dewayne Batten, a mechanic for Fletcher Jones Motorcars, accessed the company's records to find her home in Newport Beach. Sommers and Batten did not know each other before she was attacked.

Sommers claims the dealership's failure to protect her personal information led to her being raped at her home.

Once there, Batten entered through an unlocked door, attacked her, constrained her hands with duct tape, and sexually assaulted her.

Sommers had purchased a Mercedes from Fletcher Jones around 2004 and brought it in for service there.

According to NBC4 Southern California, Sommers returned to the dealership time and again in the years after her brutal attack, not knowing her attacker worked for the company.

In June 2014, a judge sentenced Batten Jr. to 107 years to life in prison for sexually assaulting Sommers and another woman.

“You didn’t keep me safe. You allowed one of your employees to gain access into my records. Where I lived, my phone number. You allowed him to be able to come into my house and attack me,” she told the television station, referring to the car dealership. 

Court documents show Batten “did not have authorization … to review the dealership’s record for plaintiff’s address.”

U.S. Officials Spilled Classified Exhibits during Gitmo Military Court Proceedings

Classified information was inadvertently leaked at a Guantanamo military commission hearing for Sept. 11, 2001, defendants and made its way onto computers used by defense lawyers, prosecutors and the military judge.

Lawyers for Saudi defendant Mustafa Al-Hawsawi disclosed the episode in a submission last month complaining of excessive limitations on classified information in the case.

"On Feb. 23, 2016, counsel for the government emailed the defense [lawyers] advising that certain exhibits the defense used, which the government had turned over in discovery, were in fact classified although they had not been marked as such at the time the government turned them over," al-Hawsawi's attorneys wrote. 

The lawyers said the mishap led to a widespread "scrub" of computer equipment used by a variety of personnel involved with the military commissions.

"As a result of this government determination, the majority of computers of counsel, paralegals and other case personnel in the defense are having to be cleaned (or 'scrubbed'), a process which on average involves each defense team members' computer being unavailable for approximately six hours," the defense filing said.

The information at issue is now classified at the "secret" level.

"There was a mix-up with the documents provided by the government. They're trying to go through the process now of getting the information back," Jim Harrington, an attorney for Yemeni Ramzi Bin Al-Shibh, said during an interview. "They always want to have the hard copies back and they want to have the classified information removed from any computers it is on."

Subreddit Security Holes Entertained This Hacker for Weeks

The hacker, who goes by the name BVM, says he’s taken over so many subreddit threads, he’s “lost count,” but estimates the number is higher than 70. The popular r/pics,r/starwars, and r/gameofthrones, among others, have seen their homepages defaced in the last few days. 

The website’s lack of two-factor authentication and other insecurities have helped his cause.

BVM, who declined to identify himself other than saying he is male, also refused to disclose the vulnerabilities that allowed him to hijack webpages. 

"But he did admit that he’s hacking into moderators’ accounts and then changing the CSS style of the pages, replacing it with a note taking responsibility," according to Motherboard. "BVM is either phishing passwords out of the mods, or bruteforcing their accounts. Given that Reddit doesn’t have two-factor authentication (2FA), the password of a mod really is the only barrier of entry to a subreddit," Motherboard added, using the shorthand for "moderator."

A moderator of r/pics who got hacked by BVM said his account was breached because of password reuse. In other words, he was using the same password on Reddit and another service that likely was compromised earlier.

Why is BVM hacking these subreddits?

“It’s not like it’s really a challenge or anything so I just do it to pass time,” the hacker told Motherboard in an online chat.

BVM doesn’t really put too much thought into choosing his targets. The hacker said he either chooses them from the top subreddits according to redditmetrics.com, or uses the site’s option to navigate to a random subreddit.

Skimmer Devices on Registers Likely Behind Wal-Mart Customer Data Breach

If you swiped your debit or credit card at the Fredericksburg Wal-Mart during March and April, you might want to contact your bank, law enforcement authorities say.

It is believed hackers obtained customer card information by placing overlay devices on credit card readers at checkout counters during those months. The exact registers have not been determined, according to police.

Fredericksburg City Police says a "large number" of debit/credit card users at the Central Park Wal-Mart had their card information stolen, with dozens of reports of fraudulent cash withdrawals.

One local credit union has reported that 37 customers were victims of large, unauthorized ATM withdrawals. The crooks used stolen card data that originated from the Wal-Mart. Similar cases have been reported by other banks.