[ISN] Malware on Laptop Caused Security Breach at PenFed

From: InfoSec News <alerts_at_private>
Date: Wed, 12 Jan 2011 02:34:06 -0600 (CST)
http://www.depositaccounts.com/blog/2011/01/malware-on-laptop-caused-security-breach-at-penfed.html

[PenFed is short for Pentagon Federal Credit Union  - WK]


By Ken 
Bank Deals Guy
DepositAccounts.com
January 11, 2011

PenFed had a laptop infected with malware that permitted unauthorized 
access to a database containing personal data of certain members. The 
security breach appeared to only affect PenFed members with credit 
cards. Fatwallet members with Amex and Visa credit cards reported being 
issued new credit cards with new numbers. Letters to affected members 
were supposedly sent on January 4th.

New Hampshire is one of the states that require financial institutions 
to notify the state attorney general of security breaches that affect 
any of the state's residents.

Here's the PenFed's letter at the New Hampshire state website. It also 
included a template of the letter that was sent to certain members. 
Here's an excerpt of this letter:

[...]


___________________________________________________________      
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Wed Jan 12 2011 - 00:34:06 PST

This archive was generated by hypermail 2.2.0 : Wed Jan 12 2011 - 00:41:52 PST