[ISN] Hacker breaks into Treasurer's Office

InfoSec News isn at c4i.org
Fri Jun 30 12:35:54 EDT 2006


Lincoln Journal Star
June 30, 2006

Personal and financial information of more than 300,000 people may be
in the hands of a hacker following a Wednesday break-in of the state
computer system that processes child-support payments.

A preliminary investigation of the incident suggests that the hacker
did not download the information, said State Treasurer Ron Ross. But
the possibility does exist.

"Based upon the method of attack, it is more likely the hacker's
intent was not to steal information, but rather to do something
malicious since the hacker inserted a virus onto the server, which we
immediately removed," Ross said.

The child-support payment system was centralized in the treasurer's
office five years ago and now processes $1 million in transactions
daily. Identity information potentially stolen by the hacker, which
investigators believe may be based outside the U.S. and possibly in
Asia, includes: names, addresses, bank account numbers, social
security numbers and tax identification numbers.

Roughly 300,000 individuals and 9,000 employers may be affected. Ross
said it was the first time the computer system, called KidCare, had
been hacked. He was not aware of similar security breaches in other

The break-in, which Ross said lasted about 40 minutes, was detected by
an employee after coming to work Wednesday morning. The system is not
monitored 24 hours a day by a person.

The State Patrol has initiated a full investigation that could include
help from the FBI and other agencies. Ross pledged to "get to the
bottom of it" and implement new safeguards to prevent future
break-ins. But that won't likely include round-the-clock monitoring of
the system by a person.

"I don't think we're at a point in government we want somebody
standing by a computer screen 24-7, but we do need protocols in
place," Ross said.

"We thought we had good safeguards...somebody got in a door we didn't
think they'd be able to get into."

The hard drive and server affected by the breach were immediately

Unlike many arms of state government, the child-support system is not
part of the state's centrally controlled computer system, said Brenda
Decker, chief information officer for the state. The incident will
prompt state officials to take a closer look at whether it should be.

"We're working with the State Patrol to see if we can make this as
secure and hardened as the rest of the system," Decker said.

Asked during a press conference if the child-support system had the
best available security system, Ross said he believed it did.

Those who pay or receive child-support should closely monitor their
bank accounts, and are advised to close them if the see suspicious

© 2002-2006, Lincoln Journal Star. All rights reserved.

More information about the ISN mailing list