[ISN] Hacked Federal Reserve network was test-only

From: InfoSec News <alerts_at_private>
Date: Mon, 22 Nov 2010 01:33:28 -0600 (CST)

By Robert McMillan
IDG News Service
November 19, 2010

A June 2010 hacking incident that compromised a network at the Federal 
Reserve Bank of Cleveland happened on a test system and not the bank's 
production servers.

On Thursday, Lin Mun Poo was charged with hacking the Fed and other U.S. 
corporations, including payment processor FedComp and an unnamed federal 
defense contractor. He was arrested on Oct. 21 following a U.S. Secret 
Service sting.

The Secret Service says it found more than 400,000 bank card numbers on 
Poo's laptop at the time of his arrest. But those numbers apparently did 
not come from the Fed, which said Friday that none of its sensitive data 
was compromised during the incident. "We don't process credit cards or 
debit card information," said June Gates, a spokeswoman with the Federal 
Reserve of Cleveland.

According to Gates, the hacker managed to break into a single Fed test 
PC that was connected to other test computers. "This is a system that is 
used to test software and applications with fake data and information," 
she said. "The incident did not involve our live production system on 
which we process our work."


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
Received on Sun Nov 21 2010 - 23:33:28 PST

This archive was generated by hypermail 2.2.0 : Sun Nov 21 2010 - 23:42:52 PST