Privacy Digest

News that can impact your privacy.
Login/Register
What is OpenID?
  • Log in using OpenID
  • Cancel OpenID login
  • Create new account
  • Request new password
Home Blogs MacRonin's blog
    • FAQ
    • Wishlists
    • Contact
    • Categories/RSS

Bookmark Us

Bookmark Privacy Digest 
Bookmark This Page 

Syndicate

Syndicate content
more

Advertisements

car insurance prices
Tracking System

Popular content

Last viewed:

  • VA to expand encryption to in-house removable storage
  • Parents' rights supersede privacy law
  • Swedish Athletes Back GPS Implants to Combat Drug Use
  • Microsoft patents the mother of all adware systems
  • AT&T 'Spy Room' Documents Released, Confirm Wired News' Earlier Publication
  • Wikileaks Forced to Leak Its Own Secret Info
  • EU data privacy officers launch investigation into Google's Internet search engine - International Herald Tribune

tags in Topics

Activists Alert Anonymity Companies Copyright Court (US) Databases Data Mining DMCA Editorial EFF Entertainment Exploits Fourth Amendment Government Hmmm ID Infrastructure Law Enforcement Laws Politics Privacy Remember Reports Rights Security Spin Zone Surveillance Telecommunications Tracking
more tags

View blog authority
Congressional Research
Broadcast Flag

Travel-Booking Site for Federal Agencies Hacked - Security Fix

Submitted by MacRonin on February 22, 2009 - 12:20pm
  • Alert
  • Companies
  • Data Breach
  • Databases
  • Exploits
  • Government
  • Hmmm
  • Privacy
  • Security
  • Website

Travel-Booking Site for Federal Agencies Hacked - Security Fix: Via Washington Post

Govtrip.com, which handles travel reservations for at least a dozen U.S. government agencies, last week was infected with a virus that tried to install malicious software when users visited the site, causing some agencies to block employees from accessing it, Security Fix has learned.

Sometime on Feb. 11, hackers changed the Govtrip.com Web site to redirect visitors to a site that installed malicious software. A number of agencies, including the departments of Agriculture, Energy, Health & Human Services, Interior, Transportation, and Treasury, use the site exclusively to book travel arrangements. Govtrip.com also is used to reimburse workers via direct deposit, which means that many federal employees' checking account information is stored there as well.

On Thursday, Feb. 12, the Federal Aviation Administration began urging employees to avoid visiting the site. Rather, employees seeking to make travel arrangements were given instructions on how to book travel arrangements manually, FAA spokeswoman Laura Brown said.

"When we first realized there was a problem, we blocked access to the site from our end, because people who had contact with it were reporting some kind of virus being downloaded," Brown said.

Govtrip.com is managed by defense contractor Northrop Grumman, which declined to comment for this story. The company referred all inquiries to the General Services Administration.

GSA spokesman Robert Lesino said the agency's ability to comment was limited because the incident was still under investigation. GSA issued the following statement:

[...]

Update, Feb. 21, 2:53 p.m. ET: According to an analysis shared with Washingtonpost.com, the compromise of govtrip.com came from multiple sources and was fairly extensive. From an internal government memo:

[...]

Until those systems are in place, however, Northrop Grumman will have its authority to operate the service on behalf of federal agencies revoked, the memo notes. The GSA said it anticipates restoring government access to govtrip.com on Monday, Feb. 23.

Read Original Article ( Via Washington Post. )

Bookmark/Search this post with:
  • Twitter Twitter
  • Digg Digg
  • StumbleUpon StumbleUpon
  • Technorati Technorati
  • del.icio.us del.icio.us
  • Facebook Facebook
  • Furl Furl
  • LinkedIn LinkedIn
  • Yahoo Yahoo
  • MacRonin's blog
  • Add new comment

Recent blog posts

  • The Secrecy Double-Standard
  • Fully-qualified Nonsense in the SSL Observatory
  • Appeals Court Strengthens Warrantless Searches at Border
  • Justice Dept. to Congress: Don’t Saddle 4th Amendment on Us
  • Feds, RIAA Ask $22,500 in Damages Per Song
  • Building a better Certificate Authority (CA) infrastructure
  • Where’s EFF? Why EFF Is Sometimes Quiet About Important Cases
  • Congressman Wants YouTube Video Covered Up
  • Man Creates "Creepy" Stalking App
  • Boston College Says Using WiFi Is a Sign of Infringement
more

Performancing Metrics

Compilation © Copyright 1997-2010 Paul Hardwick, with Web Hosting provided by MacRonin.com.