U.S. Federal Reserve admits being breached by Anonymous
Posted on 06 February 2013.
U.S. Federal Reserve confirmed the breach of one of its internal websites by the hands of Anonymous hackers, but denied that the file containing personal information of over 4,000 U.S. bank executives the attackers made available for download contained passwords.

Following the discovery of the compromise, which happened due to the exploitation of a "temporary vulnerability in a website vendor product," the affected individuals were contacted and warned about potential risks.

The file apparently contained names, mailing addresses, business phone and mobile phone numbers, business email addresses, and fax numbers.

"Some registrants also included optional information consisting of home phone and personal email. Despite claims to the contrary, passwords were not compromised," a Federal Reserve spokesman stated for Reuters.

"Exposure was fixed shortly after discovery and is no longer an issue. This incident did not affect critical operations of the Federal Reserve system," he added.

It is unknown which website was hacked, but the stolen data apparently consisted of a contact database for banks to use during a natural disaster.

The Federal Reserve website is the last target of Anonymousí OpLastResort. Initiated last week as a reaction to the U.S. government's role in the suicide of Internet activist Aaron Swartz, it already resulted in the hacks of the websites belonging to the U.S. Sentencing Commission, the Eastern District of Michigan U.S. Probation Office, and the Alabama Criminal Justice Information Center, where the stolen file was initially hosted.


Chrome extension thwarts user profiling based on typing behavior

Infosec consultant Paul Moore came up with a working solution to thwart a type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Jul 29th