Feeds

Fed confirms but downplays Anonymous Super Bowl banker hack

Sod that, Beyoncé is a member of the ILLUMINATI

SANS - Survey on application security programs

The US Federal Reserve has admitted that its systems were hacked during Sunday's Super Bowl, a breach that led to the leaking of personal data on hundreds of US banking executives.

The breach allowed hacktivist ragtag collective Anonymous to post the names, email addresses, mobile phone numbers and login credentials (password hashes and IDs) of what it said were 4,000 senior US banking executives. The attack and subsequent leak was carried out as part of an ongoing campaign, dubbed Operation Last Resort, calling for reform of the justice system following the suicide of RSS and Reddit co-creator and activist Aaron Swartz. Swartz had been the target of a controversially aggressive federal cybercrime prosecution after he broke into MIT servers in an effort to liberate academic papers onto the internet.

The leaked file was uploaded to the hacked portion of a website of the Alabama Criminal Justice Information Center (acjic.alabama.gov) and a Chinese site, rather than Pastebin. The Federal Reserve admits the leaked data is genuine and came from its systems, the while playing down the significance of the breach.

"The Federal Reserve system is aware that information was obtained by exploiting a temporary vulnerability in a website vendor product," a spokeswoman told Reuters on Tuesday. "Exposure was fixed shortly after discovery and is no longer an issue. This incident did not affect critical operations of the Federal Reserve system."

Reuters obtained a memo from the Fed to members of its Emergency Communication System (ECS) warning that "mailing address, business phone, mobile phone, business email, and fax numbers had been published," but playing down the significance of the breach.

"Some registrants also included optional information consisting of home phone and personal email. Despite claims to the contrary, passwords were not compromised," the organisation said.

Anonymous’ OpLastResort previously featured attacks on the US Sentencing Commission and the Eastern District of Michigan United States Probation Office website. The Sentencing Commission hack involved embedding a game of Asteroids as an Easter Egg in the site, which is yet to return to normal operation more than a week after the initial assault. ®

Bootnote

The headline event from Sunday's Super Bowl at the New Orleans Superdome was of course the extended power outage. Some reports suggest that the tripping of an electrical breaker left the the indoor sports arena relying on emergency lighting, suspending play for 34 minutes. The whole incident may, of course, have been designed to allow extra time for advertisers. However, Beyonce's supposed use of an "Illuminati" symbol (chillingly captured here) during her half time show is bound to excite a few conspiracy theorists towards thinking darker forces were at work.

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
Canadian taxman says hundreds pierced by Heartbleed SSL skewer
900 social insurance numbers nicked, says revenue watchman
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.