
Very sorry to hear this news! They run a fine operation there. These days you simply cannot trust the Internet in any way, shape, or form. It simply is NOT a safe place at any level when it comes to financial and personal information, and yet it's virtually impossible to not use or reveal this type of info at some point in the course of normal living.

Last edited by Allan Miller
C W Burfle posted:

How do they know that no customer information was accessed (stated in article)?

I am sorry to read that they were hacked. Still, I have to wonder how up to date their security patches are, and how well their network is hardened.
IMHO it's something to think about any time one shares information with a small company.

Sometimes no matter how hardened your network is, if hackers want to they can get in. Why do you think almost monthly there are security patches released, there is always a new threat showing up. In regards to your question you asked, it could be the customer information is stored separately from the financial information.

It is unfortunate that this happened. Hence the reason why some companies hire what are called white hat hackers, to break into a network and find ways to mitigate damage done, since you will never be able to prevent that from happening, unless you are not hooked up to the internet at all.

Still sorry it happened though.

Last edited by tcochran

Sometimes no matter how hardened your network is, if hackers want to they can get in. Why do you think almost monthly there are security patches released, there is always a new threat showing up. In regards to your question you asked, it could be the customer information is stored separately from the financial information.

Hackers go for easy targets. A site that is properly hardened and kept up to date with patches would be difficult to break into. Why would they go after a tiny business like Strasburg Railroad?

We could debate how Strasburg RR knows that customer information wasn't extracted, but unless you are familiar with their IT setup, neither of us knows.

My post was not meant to disparage Strasburg RR. I was only trying to point out that folks should be careful where they leave their private information.

Last edited by C W Burfle

I always smile a little when they say things like "this was a sophisticated attack", what that often translates into in real life is a human failure and the attack wasn't that sophisticated per se.  One of the reasons they targeted something like the Strasburg RR, not exactly a Fortune 500 company, is because they are a lot less likely to have the kind of safeguards in place bigger organizations do. The articles are pretty crappy, but for example with e-mail there are ways to get into a system by sending certain kinds of data via e-mail, that ends up inserting a virus or trojan horse into the system that then gives them access, but despite what that sounds like, it isn't all that sophisticated. More than likely, it either is a hole in an operating system, or even something like they broke a user's code and the password was weak enough to be cracked *shrug*.

As far as knowing why customer information wasn't affected, I obviously know nothing of their system, but in most systems information is kept in different places and access to customer accounts is often controlled by a different internal user than the corporate finance systems, it is partitioned like that in part to prevent a breach where everything is available from one user, so someone getting access to the financial accounts where they could transfer money like this couldn't get to the customer data. Plus most systems have an audit trail, at its simplest level most relational db's have a date/timestamp that indicates the last time the records were accessed, if they know when these hackers hit, they can see if the customer records show any access around that time in the db.

Plus most systems have an audit trail, at its simplest level most relational db's have a date/timestamp that indicates the last time the records were accessed, if they know when these hackers hit, they can see if the customer records show any access around that time in the db.

I am familiar with update timestamps being in an audit trail, not read access timestamps. But I've been out of that area for a while now, and my expertise was in UNISYS Data Management System, which was a hierarchical database.

I hate to say this but this seems like a very specific attack where the hackers had some inside knowledge of how to hit this.  Hitting a small company that is not likely to have a highly sophisticated network is one thing.  But I am a little suspicious of an outside entity knowing this was even a worthy target with vulnerable assets.  It's not a bank or a store.  I hope they find who did this and tie them to the tracks for number 475 to deal with. BigRail

Brody B. posted:
Farmer_Bill posted:

Sad story. Meanwhile did you catch this one also mentioned on the site?

Mount Joy Township woman who owes $92K for 1,645 turnpike violations asks judge for time, payment plan

 

Also a sad story...for a different reason! 

(1,645 violations? How is that even possible?)

Running EZ Pass twice a day without an account?

bigkid posted:

I always smile a little when they say things like "this was a sophisticated attack", what that often translates into in real life is a human failure and the attack wasn't that sophisticated per se.  One of the reasons they targeted something like the Strasburg RR, not exactly a Fortune 500 company, is because they are a lot less likely to have the kind of safeguards in place bigger organizations do. The articles are pretty crappy, but for example with e-mail there are ways to get into a system by sending certain kinds of data via e-mail, that ends up inserting a virus or trojan horse into the system that then gives them access, but despite what that sounds like, it isn't all that sophisticated. More than likely, it either is a hole in an operating system, or even something like they broke a user's code and the password was weak enough to be cracked *shrug*.

As far as knowing why customer information wasn't affected, I obviously know nothing of their system, but in most systems information is kept in different places and access to customer accounts is often controlled by a different internal user than the corporate finance systems, it is partitioned like that in part to prevent a breach where everything is available from one user, so someone getting access to the financial accounts where they could transfer money like this couldn't get to the customer data. Plus most systems have an audit trail, at its simplest level most relational db's have a date/timestamp that indicates the last time the records were accessed, if they know when these hackers hit, they can see if the customer records show any access around that time in the db.

I work in IT at a 20,000 plus person company and have experience with securing its systems. The articles do not give enough details to understand what happened. That said, do not be fooled into thinking only big companies are targets. WWIII is going on over the internet right now. State-sponsored cyber attacks are a daily occurrence at every IP address that resolves to a western country.  Let your guard down for even a day and you and your company are at risk of being destroyed, and you will not know it until it is too late.

 

I had almost 17 Gs stolen from me.  Out of my checking account. I have had my cell phone hacked into twice, my credit card once, I had hour long calls made to Japan, charges on my card made to the Australian Red Cross...  Why me?  I just want to be a nice guy.  I mind my own business.  I don’t go on weird websites.  I don’t get it, and frankly it’s starting to **** me off.  I’ll never see that dough again.  Not cool.
