Latest news
The Hartford - as it is colloquially called - has notified the New Hampshire Attorney General about the breach back at the beginning of March, as well the some 300 affected individuals. According to ComputerWorld, the victims were mostly Hartford employees and contractors - less than 10 individuals were actual customers.
"The Hartford has detected a virus that infected our Windows server environment, which may have resulted in the capture of your personal information," it says in the letter sent to the affected employees. "At this time, we do not know what, if any, personal information the virus may have captured from your session. We do know that the virus has the potential to capture confidential data such as bank account numbers, social security numbers, user accounts/logins, passwords, and credit card numbers."
The breach was noticed first on February 28th, and a subsequent investigation into the matter traced it back to February 22nd. A number of servers were compromised, including the Citrix servers which the employees use to access the company systems from a remote location.
The company notified the victims that their Hartford password has been reset and urged them to reset personal passwords for all sites visited while using the company systems between the two dates.
The Hartford has been working with Symantec to patch up its systems and clean them up of any and all malware present. It has also offered all affected employees and users a free two-year subscription to a credit monitoring program.
Details about how the attackers have managed to access the servers have not been shared, but judging by one of the steps that the company is taking in the wake of the discovery of the breach - additional privacy and information security training for employees - it's most likely that the hackers gained access after an employee had clicked on a malicious link or unknowingly downloaded the malware.
Spotlight
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
Is Microsoft is reading your Skype communications?
Posted on 15 May 2013. | The question of whether Skype allows U.S. intelligence and law enforcement agencies to access the communications exchanged by its users has still not been adequately answered by Microsoft.
Internet Explorer best at blocking malware
Posted on 14 May 2013. | While Chrome’s malware download protection improved significantly, Internet Explorer 10 continues to outperform the other browsers with a block rate of 99.96%.
Researcher refuses to help Saudi telco to spy on people
Posted on 14 May 2013. | You would think that a Saudi Arabian telecom firm interested in monitoring its users' mobile communications would not be asking a well-known pro-privacy researcher for help, but you would be wrong.
Malicious browser extensions are hijacking Facebook accounts
Posted on 13 May 2013. | Facebook users - especially those in Brazil - are being targeted with malicious browser extensions trying to hijack Facebook profiles, warns Microsoft.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
