Business Continuity & Cyber security Incident Log w/e 28/04/2017

Business Continuity Incident

Intercontinental card data breach hits 1200 hotels

InterContinental Hotel Group says that it has found malware designed to steal payment card details at around 1200 of its franchise hotels in the US.

UK-based IHG – which operates brands including Holiday Inn and Crowne Plaza – says that the breach affects cards used at front desks at the hotels between late September and late December last year.

The company had admitted a breach in February but said that only around 12 properties were involved. It has now posted an online tool showing around 1200 hotels were hit in the US and one in Puerto Rico.

IHG says that it became aware of the breach after franchisees were contacted by card networks warning about unauthorised charges on cards that had been used legitimately at their hotels.

An investigation found malware which searched for track data – card numbers, expiration dates, internal verification code and, sometimes, names – read from the magnetic stripe of cards as it was being routed through the affected hotel server.

Franchisees that used IHG’s P2P encryption payment technology before September were not affected by the Malware, says the hotel group.

Healthcare Provider notifies patients of potential data breach

Rhode Island’s largest health care provider says an employee’s laptop containing patient information was stolen, but there’s no indication that any patient’s information has been accessed or used as a result of the theft.

The Providence Journal reports that Lifespan recently sent a notice about the potential data breach to about 20,000 patients.

The hospital network says the computer was stolen from a car on Feb. 25. The employee immediately reported the theft to police and Lifespan.

The laptop may have had work emails containing information about patients and their medication prescriptions, but it did not have Social Security numbers, medical diagnoses and other sensitive information which is held in the network’s database.

Suspicious Vehicle Prompts Evacuation of French Polling Station

A polling station in the town of Besançon in eastern France was evacuated on Sunday after a stolen vehicle was abandoned with the engine running while voting was taking place, French Interior Ministry said.

The suspicious car was flagged as stolen and had fake number plates, a ministry official told Reuters, adding that a decision was made to evacuate the polling station, while bomb disposal experts were called to examine the vehicle.

France is voting in the first round of a presidential election on Sunday amid heightened security.

Security officials have said there is a risk during the elections of a militant attack like the ones that have killed more than 230 people in the past two years in France.

More than 50,000 police and elite security units have been mobilised for election duty across France.

San Francisco suffers large power cut for several hours

San Francisco was hit by a massive power cut on Friday that severely disrupted life in the American west coast city.

Businesses were particularly affected; San Francisco has a thriving financial district and his home to banks and technology companies.

The outage was caused by a fire in a substation after a circuit breaker failure. Starting at 9am, at one point it affected nearly 90,000 customers in 14 neighbourhoods, according to the energy supplier.

The city’s main shopping district virtually closed down as major retailers shut their doors.

Emergency services were called to some 20 lift failures but there were no deaths or injuries.

As public transport including San Francisco’s famous trams ground to a halt many people decided the simplest thing was just to go home.


Majority of UK Universities hit by Phishing Activity

A Freedom of Information (FoI) request has illustrated the cyber security threats facing UK universities, with 70 percent of respondents admitting to falling victim to a phishing attack.

For each of the 51 respondents to the FoI request, an individual was tricked into disclosing personal details via an email pretending to be from a trusted source.

The findings follow a recent warning from Action Fraud, the UK’s Fraud and Cybercrime Reporting Centre, of a phishing scam that is specifically targeting UK universities in the form of fake pay rise emails that direct victims to click on a malicious link.

Twelve of the universities who responded said they had been attacked more than ten times in the past year, with seven (including Oxford University) reporting to have been hit more than 50 times in the same timeframe


Cancer research spanning 25 years is saved from fire

Cancer experts are praising the fire service for saving 25 years of vital research from a serious fire next to the Christie Hospital in Manchester.

The full impact of the damage is still being assessed – but it could take millions of pounds to rebuild the facilities.

Cancer Research UK had feared that many projects, including studies into hard-to-treat cancers might have been lost


Buildings damaged by EarthQuake in Philippines

A 6.8-magnitude earthquake struck off the Philippines early yesterday, officials said, damaging several buildings and injuring two people as panicked residents fled the coast following a tsunami warning.

US authorities warned of potential hazardous waves in the southern region of Mindanao and Indonesia after the quake hit at 4.23am, but the tsunami alert was lifted less than two hours later.

Residents were jolted from their beds and ran onto the streets as the earthquake shook the area, leaving cracks in a hospital, two government buildings and a port, as well as triggering the collapse of at least one house and causing a brief power outage.


Google & Facebook hit by $100m Phishing Scam

Google and Facebook were phished for over $100m, it has been reported, proving not even the biggest technology companies in the world are immune from the increasingly sophisticated attacks of online scammers.

Last month it was reported that two major tech companies were tricked by a Lithuanian man into sending him over $100m (£77m). Evaldas Rimasauskas, 48, was charged with wire fraud, money laundering and aggravated identity theft for impersonating Quanta Computer – a Taiwanese electronics manufacturer that includes Google, Facebook and Apple as clients.

Now an investigation by Fortune has shown that the two firms Rimasauskas reportedly sent fraudulent invoices to were Facebook and Google, who both paid out over $100m.

Facebook said in a statement: “We recovered the bulk of the funds shortly after the incident and has been cooperating with law enforcement in its investigation.” Likewise Google said it had “detected this fraud against our vendor management team and promptly alerted the authorities. We recouped the funds and we’re pleased this matter is resolved.”