Token Appreciation
In the wake of a security compromise, RSA Security announced it will replace 40 million SecurID tokens at 30,000 companies and government agencies that use them to log in to computers securely for things like online banking sessions, or to access other critical company information, The Washington Post reported Tuesday.
In March, hackers gained access to core information that the SecurIDs use to generate codes that enable a login.
Last month, the defense company Lockheed Martin Corp. of Bethesda, Md., disclosed that employees who used SecurID tokens to log in to the company's internal network while they were beyond the firewall had been targeted by hackers.
"Against this backdrop of increasingly frequent attacks, on Thursday, June 2, 2011, we were able to confirm that information taken from RSA in March had been used as an element of an attempted broader attack on Lockheed Martin, a major U.S. government defense contractor. Lockheed Martin has stated that this attack was thwarted. … As a result, we are expanding our security remediation program to reinforce customers' trust in RSA SecurID tokens and in their overall security posture," RSA executive chairman Art Coviello wrote in an open letter posted on RSA's website Monday. RSA is a unit of EMC Corp. of Hopkinton, Mass.
Separately, CNet reported Monday that hackers in China appear to have launched the attacks against Lockheed Martin and two other military suppliers, L-3 Communications and Northrop Grumman. The tokens reportedly were used in the attacks on L-3 and Northrop Grumman.
CNet reported that Lockheed alone plans to replace 45,000 SecurID tokens.
Skimming Scheme
Three Romanians and an Austrian were charged with stealing $1.5 million from Citigroup Inc. and JPMorgan Chase & Co. automated teller machines in Chicago, Miami and New York between March and May 2010, Dow Jones and other sources reported Monday.
The Justice Department named Mihail Draghici, Ionel Dedulescu, Didi Theodor Ciulei and Laurentiu Mugurel Manta in its indictment, charging them with conspiracy to commit bank fraud, conspiracy to commit access device fraud and aggravated identity theft, Dow Jones reported.
The four allegedly used skimming devices to record customers' identifying information from the magnetic stripe of ATM cards. They are also accused of stealing PIN codes that enabled them to use duplicate cards.
Draghici and Dedulescu were arrested in December as they tried to board an international flight in Miami. They face an additional charge of bank fraud. Ciulei and Manta were arrested in Chicago in May.
If convicted, the four could face more than 60 years in prison.
Information Bank
A former Bank of America Corp. employee is reportedly responsible for the theft of $10 million from the bank accounts of 300 of the Charlotte, N.C., company's customers, according to the website Mybanktracker.com in a May 30 story.
The former employee is accused of providing criminals with everything necessary to set up fraudulent accounts or to rob existing ones, including names, addresses, Social Security numbers, bank account numbers, birth dates, email addresses, names of family members, PINs and account balances.
