http://www.wired.com/threatlevel/2010/01/alleged-ponzi-mastermind-stanford-pwned-in-antigua/ By Brian Krebs Threat Level Wired.com January 5, 2010 In early 2008, while federal investigators were busy looking into disgraced financier Robert Allen Stanford for his part in an alleged $8 billion fraudulent investment scheme, Eastern European hackers were quietly hoovering up tens of thousands of customer financial records from the Bank of Antigua, an institution formerly owned by the Stanford Group. According to a fraud investigator with firsthand knowledge of the break-in, the hackers responsible infiltrated a component of the Stanford Group's network by exploiting vulnerabilities in the company's web servers and databases. On the condition of anonymity, the investigator shared with this author files recovered from the breach, which were stored in plain text for at least several weeks on a website controlled by the attackers. This source said he forwarded the same information on to the FBI shortly after discovering it in early 2008. Once inside Stanford's network, the unidentified hackers appear to have swiped the credentials from an internal network administrator. They soon had downloaded the user names and password hashes for more than 1,000 employees of Stanford Financial, Stanford Group, Stanford Trust and Stanford International Bank. Among the purloined files is a listing of what appears to be ownership and balance information for tens of thousands of customer accounts at Bank of Antigua. Each listing includes the account number, owner's name, address, balance and accrued interest. [...] ________________________________________ Did a friend send you this? From now on, be the first to find out! Subscribe to InfoSec News http://www.infosecnews.orgReceived on Wed Jan 06 2010 - 01:02:58 PST
This archive was generated by hypermail 2.2.0 : Wed Jan 06 2010 - 01:10:29 PST