Monday Morning News Kick Off: Hackers Attack Nintendo; Sony Hackers Strike FBI Affiliate; and Sony Pictures Breached

June 23, 2011 – 12:56 am

Welcome to the Monday Morning News Kick Off post from the ITAC blog. As always, we have compiled all of the key data breach, identity theft and hacker news you need in one convenient location. We know that we are starting to sound like a broken record these days, but there is no shortage of breach-related news these days and this is not a good thing. Scroll down to read more.

Hackers Attack Nintendo Nintendo Co. said Sunday that a server for its U.S. units website had been hacked into but that no company or customer information was compromised, marking the first time the Japanese gaming giant has been targeted in widespread global hacking attacks. The incident at Nintendo is extremely minor compared with the hacker attacks on rival Sony Corp.s PlayStation Network and other online services since April that have led to a personal data breach involving more than 100 million user accounts. The Nintendo breach involved no sensitive information and hasnt caused any damage to its operations or inconveniences for its customers, the company said. Still, the incident at another global gaming giant raises a question over whether any online services can be fully protected from potential hacking attempts.

Sony Hackers LulzSec Strike FBI Affiliate InfraGard LulzSec, the hacking group that has been identified as being behind the latest attack on Sony, has struck again—this time targeting a private-sector FBI affiliate called InfraGard. InfraGard is a non-profit organization that connects the business community with law enforcement. It has about 42,000 members, including FBI agents, according to its website, and has an FBI special agent coordinator at each the bureaus field offices who recruits interested civilians nearby to form local InfraGard chapters. The InfraGard hack was part of a LulzSec action it called F**k FBI Friday and culminated in the anonymous hacking groups publication of InfraGard e-mails, passwords and personal contact information for about 180 members on Friday.

Stolen Data Is Tracked to Hacking at Lockheed Lockheed Martin said Friday that it had proof that hackers breached its network two weeks ago partly by using data stolen from a vendor that supplies coded security tokens to tens of millions of computer users. Lockheed’s finding confirmed the fears of security experts about the safety of the SecurID tokens and heightened concerns that other companies or government agencies could be vulnerable to hacking attacks. The tokens, which are used to protect remote access to computer networks, are sold by the RSA Security Division of the EMC Corporation. RSA officials said Friday that they accepted Lockheed’s findings and were working with customers to offset the risks through other measures.

Sony Pictures Falls Victim to Major Data Breach LulzSec, a hacking group that recently made news for hacking into PBS, claimed today that it has broken into several Sony Pictures websites and accessed unencrypted personal information on over 1 million people. In a statement released Thursday, the group claimed that it had also managed to compromise all admin details, including administrator passwords, as well as 75,000 music codes and 3.5 million music coupons from Sony networks and websites. The group has publicly posted a full list of compromised sites, along with links to documents containing samples of what it claimed was material stolen from Sony.

Honda Data Breach Triggers Lawsuit Beware storing outdated customer data on websites. Honda Canada is learning that lesson the hard way, after a March breach in which 283,000 customers details were exposed. Honda began informing affected customers by mail in May. The information that may have been accessed was related to a series of customer mail programs encouraging customers to register at the myHonda website, according to a statement posted on the Honda website. The mailings all took place in 2009, however; the unauthorized access took place recently. Upon detection, immediate action was taken to prevent further unauthorized access. Check out the full InformationWeek story here.

E-filing and ID theft arent linked, IRS says The growing popularity of the Internal Revenue Services e-filing system isnt to blame for a massive increase in identity theft-related tax fraud, IRS Commissioner Douglas Shulman told a House panel last Thursday. E-filers are required to submit all the same identifying information as paper filers, Shulman told the House Oversight and Government Reform Committees panel on financial management. Asked if paper filing isnt harder to fake because it requires physical forms, such as the W2, Shulman noted filers can get around the requirement by claiming to have lost paper forms. Identity thieves who want to keep their contact with the IRS at a minimum can receive refunds just as quickly as e-filers by submitting paper returns by overnight mail, he said.

Hackers Gather Around the Globe to Fight Climate Change When you hear the word hacker, you probably dont picture someone dedicated to solving the problems of global development. But this weekend, self-proclaimed hackers around the world will gather at hackathon events to tackle disaster-risk management and climate change. The occasion is the semiannual Random Hacks of Kindness global conference, which seeks to leverage Internet data to address world problems. Gatherings will be held in cities around the globe, from Atlanta to Californias Silicon Valley and from Basel, Switzerland, to Bogota, Colombia. The conference is the result of a 2009 collaboration by Google, Microsoft, Yahoo!, NASA and the World Bank, which founded Random Hacks of Kindness. (Both the organization and the events it organizes are known as RHoK.)

Identity Theft Online