From: security curmudgeon (jerichoattrition.org)
Date: Wed Jan 07 2009 - 00:15:52 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---------- Forwarded message ----------
From: InfoSec News <alertsinfosecnews.org>

http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9125078

By Robert McMillan
January 6, 2009
IDG News Service

CheckFree and some of the banks that use its electronic bill payment
service are notifying more than 5 million customers after criminals took
control of several of the company's Internet domains and redirected
customer traffic to a malicious Web site hosted in the Ukraine.

The Dec. 2 attack was widely publicized shortly after it occurred, but in
a notice filed with the New Hampshire Attorney General, CheckFree
disclosed that it was warning many more customers than previously thought.

That's because CheckFree is not only notifying users of its own
CheckFree.com Web site of the breach, it is also working with banks to
contact people who tried to pay bills from banks that use the CheckFree
bill payment service.

"The 5 million people who were notified about the CheckFree redirection
were a combination of two groups," said Melanie Tolley, vice president of
communications with CheckFree's parent company, Fiserv, in an prepared
statement. "1.) those who we were able to identify who had attempted to
pay bills from our client's bill pay sites and minus those who actually
completed sessions on our site; and 2.) anyone enrolled in
mycheckfree.com."

[...]
_______________________________________________
Dataloss Mailing List (datalossdatalossdb.org)

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]