Hackers Plunder Clinton Foundation, Bankrupt Cryptocurrency VC Fund and Log into GoToMyPC
Just another week in ThreatWatch, our regularly updated index of noteworthy data breaches.
In case you missed our coverage this week in ThreatWatch, Nextgov’s regularly updated index of cyber breaches:
It Looks Like the DNC Hackers Also Plundered the Clinton Foundation
The Bill, Hillary and Chelsea Clinton Foundation is among the organizations breached by suspected Russian government-sponsored cyber spies in the lead-up to the November election.
Government investigators witnessed unauthorized activity on the foundation’s computers as recently as the week of June 12. Agents often monitor the servers hackers use to communicate with their targets, which gives investigators a back-channel view of attacks, often even before the victims detect them.
The hackers had been seeking data from at least 4,000 individuals associated with U.S. politics for about seven months through mid-May. Those targets include party aides, advisers, lawyers and foundations.
"The thefts set the stage for what could be a Washington remake of the public shaming that shook Sony in 2014, when thousands of inflammatory internal emails filled with gossip about world leaders and Hollywood stars were made public," Bloomberg reports.
Already, donor information and opposition research on Trump purportedly stolen from the Democratic Party has surfaced online, and the culprit has threatened to publish thousands more documents.
A hacker or group of hackers on June 21 posted what they said was a list of donors who had made large contributions to the Clinton Foundation.
The breadth of the attacks and the government warnings raise new questions about whether the campaigns have done enough to protect their systems.
The Clinton campaign was aware as early as April it had been targeted by hackers with links to the Russian government on at least four recent occasions.
Clinton spokesman Glen Caplin said the campaign had no evidence its systems were compromised.
The hackers’ links to the Russian government were first identified by CrowdStrike Inc., working for the Democratic Party.
A law firm reviewing the DNC’s initial findings, Baker & McKenzie, has begun working with three additional security firms -- FireEye Inc., Palo Alto Networks Inc. and Fidelis Cybersecurity -- to confirm the connection.
Virtual Currency VC Fund Has Shut Down After Losing $150M Worth of 'Ether'
A venture capital fund that in May raised more than $150 million worth of a virtual currency known as ether has been hacked. About 3.6 million ether, equal to more than $60 million, was diverted from the main fund to another.
Founders of the fund have announced they will wind down the new financial institution and attempt to retrieve the lost ether.
"The DAO's journey is over but all funds are safe," said Stephan Tual, the founder of Slock.It, the group that created DAO. "All stolen funds will be retrieved from the attacker."
Launched in April, the DAO is a leaderless organization run entirely by computer code. Participants use tokens to vote on upcoming company decisions.
The fund aimed to use self-operating digital contracts to generate funds that would sponsor fledgling cryptocurrency projects.
The Ethereum Foundation's website states the hacker’s account has been identified and essentially frozen.
The Wall Street Journal explains: "The attacker appeared to have exploited a loophole that essentially allowed a DAO stakeholder to create an identical fund and move money into it. But the code also imposes a waiting period that means the new fund can’t move any money for 27 days. The DAO’s founders are planning to 'fork' the code and effectively void the hacker’s transactions."
The experiment in cryptocurrency finance was criticized early on for being poorly constructed, spurring calls to halt operations until the bugs could be worked out.
Citrix, the company that runs the remote-login service GoToMyPC, has reset all user passwords after a security incident.
The details of the incident are sketchy, at best.
"Has GoToMyPC suffered a data breach, with passwords nabbed from its servers by online criminals, or is it that attackers are using credentials stolen from other sites to gain access to GoToMyPC accounts?" security researcher Graham Cluley questions.
Right now, GoToMyPC isn't saying. Maybe it simply doesn't know.
PC Maker Acer Hit by Data Breach
The computer company reported to the California attorney general its online stores were hacked.
In a June 15 letter, the Taiwanese technology giant admitted an unauthorized party stole a year's worth of credit card data, names and addresses. The credit card information taken includes the card number, expiration date and CVC security code.
An Acer spokesperson said the company has notified affected customers, all of whom are based in the U.S., Canada and Puerto Rico.
The company later said Acer “inadvertently stored [the stolen consumer data] in an unsecured format," which enabled the attack.