A former Chicago Public Schools worker faces several felony charges after officials allege the worker stole Attack.Databreach personal information on about 80,000 employees , volunteers and vendors from a CPS database . The former worker , Kristi Sims , was arrested Thursday ; officers recovered the stolen files after executing search warrants , according to CPS and Chicago police officials . Sims , 28 , is a former contractor who handled administrative tasks for the Office of Safety and Security . Sims was ordered released on her own recognizance at a bond hearing Friday at the Leighton Criminal Court Building by Judge Sophia Atcherson ; Sims also was ordered not to access to the internet while the case continues . In a letter to employees Thursday evening , CPS Chief Operating Officer Arnie Rivera said the district learned of the massive data breach Attack.Databreach Wednesday , the day after the information was stolen Attack.Databreach . Among the data stolen Attack.Databreach were names , employee ID numbers , phone numbers , addresses , dates of birth , criminal arrest histories and DCFS findings . Social Security numbers were not taken Attack.Databreach , Rivera said . “ There was no indication that the information , which was in the individual ’ s possession for approximately 24 hours , was used or disseminated to anyone in any way , ” Rivera added . A CPS spokesman referred questions about the criminal charges to Chicago police , but Rivera said “ CPS will work to ensure the individual is prosecuted to the fullest extent of the law. ” CPD spokesman Anthony Guglielmi said Sims is also suspected of deleting the targeted files from the CPS database after they were stolen Attack.Databreach . The digital equipment seized in the warrant is being analyzed , and a search warrant is underway for Sims ’ s email account , Guglielmi said . Though police say they don ’ t believe anyone other than Sims was in possession of the data , they hope to learn more about what might have been done with the information . This latest CPS data breach Attack.Databreach comes only a few months after the school district mistakenly sent a mass email that linked to the private information of thousands of students and families . The email invited families to submit supplemental applications to selective enrollment schools . Attached at the bottom of the email was a link to a spreadsheet with the personal data of more than 3,700 students and families . In that incident , CPS apologized for the “ unacceptable breach Attack.Databreach of both student information and your trust ” and asked recipients of the email to delete the sensitive information . The data included children ’ s names , home and cellphone numbers , email addresses and ID numbers .

New statements from Apple make it clear that they do not believe a hacker , or group of hackers , breached any of their systems . This comes after a recent report from Motherboard that a hacker gang called the `` Turkish Crime Family '' is threatening to remotely wipe up to 559 million iPhones by April 7 . The hackers claim they hold an alleged cache of stolen accounts , and their goal is to shake down Attack.Ransom the big Apple for $ 75,000 in Bitcoin or Ethereum cryptocurrency . Alternatively , in lieu of those options , they will even accept Attack.Ransom $ 100,000 in iTunes gift cards ( a potentially risky option for them ) . Apple responded to the allegation that the hackers breached Attack.Databreach its systems , assuring their systems were not compromised Attack.Databreach , but did not confirm if the hackers do in fact hold Attack.Databreach an entire collection of Apple IDs and passwords . Whatever information they do have , probably came from previously comprised third-parties . `` If the list is legitimate , it was not obtained Attack.Databreach through any hack Attack.Databreach of Apple , '' an Apple spokesperson told Fortune in an email . `` There have not been any breaches Attack.Databreach in any of Apple 's systems including iCloud and Apple ID . '' Even if the data did n't come from an Apple breach Attack.Databreach , it could still mean your iCloud login details are out there . Fortune suggested that the logins could be from the LinkedIn hack Attack.Databreach , in which login info from 117 million accounts was sold on the black market site `` The Real Deal . '' Though , if the Turkish Crime Family really has 559 million accounts , well , a mere fraction of the 117 million from LinkedIn does n't really cut it . The hackers have been sending login information to media companies in an effort to gather attention to their scam . For example , The Next Web received a small fraction of the alleged data from the hackers , and cross-referenced the info with the site Have I Been Pwned , which checks to see if your email or username has been compromised Attack.Databreach in a hack . Most of the samples provided to TNW do n't appear to have been involved in the LinkedIn hack or other hacks in the Pwned database , but TNW was able to access Attack.Databreach the accounts with the login information provided by the hackers , so the info looks legitimate . They ca n't test every login , so the small sample may not be indicative of the whole . The Turkish Crime Family also noted to TNW that all conversations with Apple were actually kept private and never reported to Motherboard . Instead , the conversation between the Turkish Crime Family and Motherboard were led by a member that has now been removed for his `` inaccuracy '' and `` lack of professionalism , '' an the group denies the authenticity of Motherboard 's report . Overall , the hacking team seems to have a hard time sticking to one story . Now , the hacker group is confirming Apple 's statement that its systems have not been breached Attack.Databreach , and that the stolen data was obtained Attack.Databreach through previously compromised systems over the last five years . The Turkish Crime Family is , in fact , not contradicting Apple . They did not breach Attack.Databreach the company , nor did they ever state to Motherboard that they stole Attack.Databreach the info directly from Apple . Rather , after Motherboard 's breaking March 21 report , a breach was assumed by some news outlets such as BGR , though most media sites never directly stated that the hackers breached Apple . The Turkish Crime Family 's initial response to Motherboard , and the group 's only statement , was to extort Attack.Ransom Apple over an alleged cache of iCloud and other Apple email accounts . The group never stated where their cache of data came from until today when they contacted TNW in response to Apple .

Forrester , one of the world 's leading market research and investment advisory firms , admitted late Friday afternoon to a security breach that took place during the past week . The company says that a yet to be identified attacker ( or attackers ) has gained access Attack.Databreach to the infrastructure hosting its website — Forrester.com . Forrester is using this website to allow customers to log in and download research specific to their contracts . The company provides statistics , trends , and other market research , which clients use to take decisions before launching new products or business endeavors . Attacker stole Attack.Databreach site credentials and stole Attack.Databreach proprietary research Steven Peltzman , Forrester 's Chief Business Technology Officer , says the attacker stole Attack.Databreach valid Forrester.com user credentials that gave him access to Forrester.com accounts . `` The hacker used that access to steal Attack.Databreach research reports made available to our clients , '' he said . `` There is no evidence that confidential client data , financial information , or confidential employee data was accessed or exposed Attack.Databreach as part of the incident , '' Peltzman clarified . Even if no sensitive customer data was stolen Attack.Databreach , the market research information to which hackers had access Attack.Databreach is very valuable in the hands of an economic espionage hacker group , allowing it to determine what technologies are Forrester 's customers working on , or what products they 're ready to launch . This information could then be resold on dark markets or competitors , or hackers could also use it to select future targets — companies that are ready to launch valuable products . `` We recognize that hackers will attack attractive targets — in this case , our research IP . We also understand there is a tradeoff between making it easy for our clients to access our research and security measures , '' said George F. Colony , Chairman and Chief Executive Officer of Forrester . `` We feel that we have taken a common-sense approach to those two priorities ; however , we will continuously look at that balance to respond to changing cybersecurity risk . '' Forrester is the fourth major financial and business entity that suffered or announced a security incident in the past month . The other three include credit rating and reporting firm Equifax , the US Securities and Exchange Commission ( SEC ) , and accounting , auditing , and corporate finance consulting firm Deloitte .

Forrester , one of the world 's leading market research and investment advisory firms , admitted late Friday afternoon to a security breach that took place during the past week . The company says that a yet to be identified attacker ( or attackers ) has gained access Attack.Databreach to the infrastructure hosting its website — Forrester.com . Forrester is using this website to allow customers to log in and download research specific to their contracts . The company provides statistics , trends , and other market research , which clients use to take decisions before launching new products or business endeavors . Attacker stole Attack.Databreach site credentials and stole Attack.Databreach proprietary research Steven Peltzman , Forrester 's Chief Business Technology Officer , says the attacker stole Attack.Databreach valid Forrester.com user credentials that gave him access to Forrester.com accounts . `` The hacker used that access to steal Attack.Databreach research reports made available to our clients , '' he said . `` There is no evidence that confidential client data , financial information , or confidential employee data was accessed or exposed Attack.Databreach as part of the incident , '' Peltzman clarified . Even if no sensitive customer data was stolen Attack.Databreach , the market research information to which hackers had access Attack.Databreach is very valuable in the hands of an economic espionage hacker group , allowing it to determine what technologies are Forrester 's customers working on , or what products they 're ready to launch . This information could then be resold on dark markets or competitors , or hackers could also use it to select future targets — companies that are ready to launch valuable products . `` We recognize that hackers will attack attractive targets — in this case , our research IP . We also understand there is a tradeoff between making it easy for our clients to access our research and security measures , '' said George F. Colony , Chairman and Chief Executive Officer of Forrester . `` We feel that we have taken a common-sense approach to those two priorities ; however , we will continuously look at that balance to respond to changing cybersecurity risk . '' Forrester is the fourth major financial and business entity that suffered or announced a security incident in the past month . The other three include credit rating and reporting firm Equifax , the US Securities and Exchange Commission ( SEC ) , and accounting , auditing , and corporate finance consulting firm Deloitte .

Forrester , one of the world 's leading market research and investment advisory firms , admitted late Friday afternoon to a security breach that took place during the past week . The company says that a yet to be identified attacker ( or attackers ) has gained access Attack.Databreach to the infrastructure hosting its website — Forrester.com . Forrester is using this website to allow customers to log in and download research specific to their contracts . The company provides statistics , trends , and other market research , which clients use to take decisions before launching new products or business endeavors . Attacker stole Attack.Databreach site credentials and stole Attack.Databreach proprietary research Steven Peltzman , Forrester 's Chief Business Technology Officer , says the attacker stole Attack.Databreach valid Forrester.com user credentials that gave him access to Forrester.com accounts . `` The hacker used that access to steal Attack.Databreach research reports made available to our clients , '' he said . `` There is no evidence that confidential client data , financial information , or confidential employee data was accessed or exposed Attack.Databreach as part of the incident , '' Peltzman clarified . Even if no sensitive customer data was stolen Attack.Databreach , the market research information to which hackers had access Attack.Databreach is very valuable in the hands of an economic espionage hacker group , allowing it to determine what technologies are Forrester 's customers working on , or what products they 're ready to launch . This information could then be resold on dark markets or competitors , or hackers could also use it to select future targets — companies that are ready to launch valuable products . `` We recognize that hackers will attack attractive targets — in this case , our research IP . We also understand there is a tradeoff between making it easy for our clients to access our research and security measures , '' said George F. Colony , Chairman and Chief Executive Officer of Forrester . `` We feel that we have taken a common-sense approach to those two priorities ; however , we will continuously look at that balance to respond to changing cybersecurity risk . '' Forrester is the fourth major financial and business entity that suffered or announced a security incident in the past month . The other three include credit rating and reporting firm Equifax , the US Securities and Exchange Commission ( SEC ) , and accounting , auditing , and corporate finance consulting firm Deloitte .

In total , ESET security researcher Lukas Stefanko discovered 13 apps that appear to have been written by a Turkish developer . While seven of the 13 apps obviously focused on Turkish-speaking users , the rest targeted users from across the world . Stefanko says he reported all 13 apps to Google 's security team , who removed them from the Play Store last week . The modus operandi of all these apps was the same . The app would then collect Attack.Databreach the user 's login details , send them to a remote server , and show a login error . The error would appear every time the user tried to authenticate , and after a certain number of login attempts , the error would change , and ask the user to visit the official Instagram site instead and authorize the app from there . When the user visited the Instagram homepage , he would see a notification from Instagram letting him know that someone has accessed his account . From this point on , if victims do n't change their passwords , the crook would use the victim 's Instagram account to like images or follow other accounts . Stefanko believes these apps power online services that offer Instagram likes and followers for money . Back in January , the researcher discovered a similar app that stole Attack.Databreach Instagram credentials and targeted Turkish users . That app , as well , was hosted on the official Google Play Store . Other ways in which hackers could use the stolen Instagram credentials is to post image ads on people 's profiles and to extort some kind of payment from the owners of accounts with a large follower base . Overall , there have been many cases of apps that stole Attack.Databreach Instagram credentials in the past few years . In November 2015 , Apple removed an app named `` Who Viewed Your Profile - InstaAgent '' from the App Store because of the same behavior . Six months later , Google faced a similar incident and was forced to remove two apps named `` Who Viewed Me on Instagram '' and `` InstaCare - Who cares with me ? , '' also caught stealing Attack.Databreach Instagram credentials

In total , ESET security researcher Lukas Stefanko discovered 13 apps that appear to have been written by a Turkish developer . While seven of the 13 apps obviously focused on Turkish-speaking users , the rest targeted users from across the world . Stefanko says he reported all 13 apps to Google 's security team , who removed them from the Play Store last week . The modus operandi of all these apps was the same . The app would then collect Attack.Databreach the user 's login details , send them to a remote server , and show a login error . The error would appear every time the user tried to authenticate , and after a certain number of login attempts , the error would change , and ask the user to visit the official Instagram site instead and authorize the app from there . When the user visited the Instagram homepage , he would see a notification from Instagram letting him know that someone has accessed his account . From this point on , if victims do n't change their passwords , the crook would use the victim 's Instagram account to like images or follow other accounts . Stefanko believes these apps power online services that offer Instagram likes and followers for money . Back in January , the researcher discovered a similar app that stole Attack.Databreach Instagram credentials and targeted Turkish users . That app , as well , was hosted on the official Google Play Store . Other ways in which hackers could use the stolen Instagram credentials is to post image ads on people 's profiles and to extort some kind of payment from the owners of accounts with a large follower base . Overall , there have been many cases of apps that stole Attack.Databreach Instagram credentials in the past few years . In November 2015 , Apple removed an app named `` Who Viewed Your Profile - InstaAgent '' from the App Store because of the same behavior . Six months later , Google faced a similar incident and was forced to remove two apps named `` Who Viewed Me on Instagram '' and `` InstaCare - Who cares with me ? , '' also caught stealing Attack.Databreach Instagram credentials

On the one hand , it gives them a bit of plausible deniability while reaping the potential spoils of each attack , but if the hackers are n't kept on a tight leash things can turn bad . Karim Baratov , the 22-year-old Canadian hacker who the FBI alleges Russia 's state security agency hired to carry out the Yahoo breach , did n't care much for a low profile . His Facebook and Instagram posts boasted of the million-dollar house he bought in a Toronto suburb and there were numerous pictures of him with expensive sports cars -- the latest an Aston Martin DB9 with the license plate `` MR KARIM . '' But forget those for a moment and consider he was n't very careful in hiding his hacking work . In the domain name records , he listed his home address . “ When you bring in amateurs who don ’ t follow standard protocol , that carries risk , ” said Alex Holden , chief information security officer at Hold Security . At the time , the company notified the FBI but only believed 26 accounts had been targeted . It was n't until mid 2016 that the true enormity of the hack started to become apparent . Security experts say it ’ s possible Baratov or a second hacker hired to help might have bragged online about the hack at some point , tipping off U.S. investigators . And then in August 2016 a database allegedly stolen Attack.Databreach from Yahoo was found circulating Attack.Databreach on the black market . “ Some of the information about this hack Attack.Databreach was basically leaked Attack.Databreach , ” Holden said . “ That ’ s not a sign of a mature intelligence operation ” . So why did Russia turn to a 22-year-old from Canada ? According to the indictment , Baratov broke into the accounts through spear phishing email attacks Attack.Phishing , which are often designed to dupe Attack.Phishing victims into handing over password information . However , spear phishing Attack.Phishing only works best if the emails appear authentic . “ The benefit of having Karim , the Canadian , on the team probably allowed creation of far more believable phishing attacks Attack.Phishing due to his being a native English speaker , ” said Chester Wisniewski , a research scientist at security firm Sophos , in an email . In addition to Baratov , the Russian agents allegedly hired a 29-year-old Latvian named Aleksey Belan , who pulled off the main hack against Attack.Databreach Yahoo , and stole Attack.Databreach the database involving 500 million user accounts . By outsourcing the operation to Belan , Russia probably wanted to conceal the true motives for the Yahoo breach , Wisniewski said . Prior to Wednesday ’ s indictment , Belan himself was already a wanted man for hacks against U.S. e-commerce companies . “ There is also the ‘ cover ’ of criminal actions to potentially obfuscate the spying that was allegedly the real purpose ” . In response to Wednesday 's criminal indictments by the FBI , the Russian government is denying any involvement , and calling the allegations a distraction . Baratov , who has been arrested in Canada , is also claiming innocence , according to his lawyer . But if the allegations are true , it does show one example of how Russia is harnessing the power of cybercriminals for spying purposes -- and how it can get sloppy

A group of hackers are allegedly threatening to remotely wipe millions of iPhones and iCloud accounts , unless Apple agrees to pay a ransom Attack.Ransom by April 7th . As Motherboard reports , the hackers – who are calling themselves the “ Turkish Crime Family ” – are demanding Attack.Ransom Apple pay a ransom Attack.Ransom of $ 75,000 ( in either the Bitcoin or Ethereum cryptocurrencies ) , or hand over $ 100,000 worth of iTunes gift cards . Motherboard ‘ s Joseph Cox reports that one of the hackers shared screenshots of emails that had allegedly been exchanged with Apple , including one where a member of Apple ’ s security team asked if the group would be willing to share a sample of the stolen data . If emails shared by the hackers are legitimate , then it appears that Apple ’ s security team also requested that a YouTube video be removed of an unnamed member of the gang using stolen credentials to access an elderly woman ’ s iCloud account and view photos that had previously been backed up online . The alleged emails from Apple go on to underline that the technology firm will “ not reward cyber criminals for breaking the law ” . What we don ’ t know is whether the email exchanges between the hackers and Apple are real or faked , and – indeed – whether the so-called “ Turkish Crime Gang ” really has access Attack.Databreach to a large number of Apple users ’ credentials . Other than the video of the elderly woman ’ s iCloud account being broken into , there has been no evidence shared with the media to suggest that the hackers ’ claims of having gained access Attack.Databreach to a large database of Apple usernames and passwords are legitimate . However , if it ’ s true that the hackers are attempting to engage with the media in an attempt to increase their chances of a substantial payout then that would be in line with an increasingly common technique deployed by extortionists . For instance , we have discussed before how an individual hacker or hacking group known as The Dark Overlord has targeted investment banks – stealing internal documents and bringing them to the public ’ s attention in an attempt to extort more money Attack.Ransom . In another extortion Attack.Ransom attempt , The Dark Overlord stole Attack.Databreach hundreds of gigabytes of files from the Gorilla Glue adhesive company , and attempted to increase their chances of crowbarring more money out of corporate victims by sharing details with security industry media . For the record , when The Dark Overlord contacted me to help them blackmail Attack.Ransom companies , I declined . I believe that companies should do everything in their power to protect their customers and prevent criminals from profiting from extortion Attack.Ransom . We simply don ’ t know the truth of the Turkish Crime Family ’ s claims , and whether Apple users are at risk . But I do hope that the media stories will help remind Apple users of the importance of using a strong , unique password to secure their account and enable two-factor authentication to make their accounts harder to break into .

Hackers made hay of the sorry state of credential security in 2016 . They stole Attack.Databreach millions of username and password combinations from online services of all shapes and sizes . Blogs and discussion forums were hit particularly hard . Exploiting credentials is an old attack vector that still works wonders for hackers . In its 2016 Data Breach Investigations Report ( DBIR ) , Verizon added a section about credentials , revealing that 63 % of data breaches Attack.Databreach involved weak , default or stolen passwords . “ This statistic drives our recommendation that this is a bar worth raising , ” reads the report . Why is it so easy for cybercriminals to plunder Attack.Databreach login credentials ? End users , despite constant warnings , continue re-using passwords , allowing hackers to conveniently break into multiple accounts after stealing Attack.Databreach someone 's credentials once . It 's like having one key for your bike lock , front door , office building , car and bank box . Meanwhile , more software vendors should provide advanced hashing , salting and other scrambling technologies for protecting credential information in case it 's stolen Attack.Databreach . For example , attackers hacked Clash of Kings ' forum after exploiting a known vulnerability in an outdated version of the vBulletin software . The thieves stole Attack.Databreach personal information from 1.6 million user accounts , including scrambled passwords . In one case , an attacker used misplaced install files to gain admin privileges . In another case , hackers stole Attack.Databreach one moderator 's credentials and used the account to post a malicious message in the forum . After viewing the message , the forum 's administrator had his account compromised , leading to a massive breach . Notable vulnerabilities exploited Vulnerability-related.DiscoverVulnerability in recent years include CVE-2016-6483 , CVE-2016-6195 , CVE-2016-6635 , CVE-2015-1431 , CVE-2015-7808 , CVE-2014-9574 and CVE-2013-6129 .

Hackers made hay of the sorry state of credential security in 2016 . They stole Attack.Databreach millions of username and password combinations from online services of all shapes and sizes . Blogs and discussion forums were hit particularly hard . Exploiting credentials is an old attack vector that still works wonders for hackers . In its 2016 Data Breach Investigations Report ( DBIR ) , Verizon added a section about credentials , revealing that 63 % of data breaches Attack.Databreach involved weak , default or stolen passwords . “ This statistic drives our recommendation that this is a bar worth raising , ” reads the report . Why is it so easy for cybercriminals to plunder Attack.Databreach login credentials ? End users , despite constant warnings , continue re-using passwords , allowing hackers to conveniently break into multiple accounts after stealing Attack.Databreach someone 's credentials once . It 's like having one key for your bike lock , front door , office building , car and bank box . Meanwhile , more software vendors should provide advanced hashing , salting and other scrambling technologies for protecting credential information in case it 's stolen Attack.Databreach . For example , attackers hacked Clash of Kings ' forum after exploiting a known vulnerability in an outdated version of the vBulletin software . The thieves stole Attack.Databreach personal information from 1.6 million user accounts , including scrambled passwords . In one case , an attacker used misplaced install files to gain admin privileges . In another case , hackers stole Attack.Databreach one moderator 's credentials and used the account to post a malicious message in the forum . After viewing the message , the forum 's administrator had his account compromised , leading to a massive breach . Notable vulnerabilities exploited Vulnerability-related.DiscoverVulnerability in recent years include CVE-2016-6483 , CVE-2016-6195 , CVE-2016-6635 , CVE-2015-1431 , CVE-2015-7808 , CVE-2014-9574 and CVE-2013-6129 .

Hackers made hay of the sorry state of credential security in 2016 . They stole Attack.Databreach millions of username and password combinations from online services of all shapes and sizes . Blogs and discussion forums were hit particularly hard . Exploiting credentials is an old attack vector that still works wonders for hackers . In its 2016 Data Breach Investigations Report ( DBIR ) , Verizon added a section about credentials , revealing that 63 % of data breaches Attack.Databreach involved weak , default or stolen passwords . “ This statistic drives our recommendation that this is a bar worth raising , ” reads the report . Why is it so easy for cybercriminals to plunder Attack.Databreach login credentials ? End users , despite constant warnings , continue re-using passwords , allowing hackers to conveniently break into multiple accounts after stealing Attack.Databreach someone 's credentials once . It 's like having one key for your bike lock , front door , office building , car and bank box . Meanwhile , more software vendors should provide advanced hashing , salting and other scrambling technologies for protecting credential information in case it 's stolen Attack.Databreach . For example , attackers hacked Clash of Kings ' forum after exploiting a known vulnerability in an outdated version of the vBulletin software . The thieves stole Attack.Databreach personal information from 1.6 million user accounts , including scrambled passwords . In one case , an attacker used misplaced install files to gain admin privileges . In another case , hackers stole Attack.Databreach one moderator 's credentials and used the account to post a malicious message in the forum . After viewing the message , the forum 's administrator had his account compromised , leading to a massive breach . Notable vulnerabilities exploited Vulnerability-related.DiscoverVulnerability in recent years include CVE-2016-6483 , CVE-2016-6195 , CVE-2016-6635 , CVE-2015-1431 , CVE-2015-7808 , CVE-2014-9574 and CVE-2013-6129 .

Buzz60 A view of the Kremlin in Moscow on Jan. 6 , 2017 . Russia 's alleged use of computer hacking to interfere with the U.S. presidential election fits a pattern of similar incidents across Europe for at least a decade . Cyberattacks in Ukraine , Bulgaria , Estonia , Germany , France and Austria that investigators attributed to suspected Russian hackers appeared aimed at influencing election results , sowing discord and undermining faith in public institutions that included government agencies , the media and elected officials . Those investigations bolster U.S. intelligence findings of Russian meddling to help elect Donald Trump , a conclusion the president-elect has disputed — although he conceded Friday after a private intelligence briefing that Russia was among the possible hacking culprits . “ They ’ ve been very good at using the West ’ s weaknesses against itself , the open Internet to hack , the free media to sow discord , and to cause people to question the underpinnings of the systems under which they live , ” said Hannah Thoburn , a research fellow at the Hudson Institute , a Washington think tank . U.S. National Intelligence Director James Clapper told a Senate committee Thursday that Russian intelligence hackers , masquerading as third parties , have conducted attacks abroad that targeted critical infrastructure networks . “ Russia also has used cyber tactics and techniques to seek to influence public opinion across Europe and Eurasia , ” Clapper said . A declassified intelligence report on the Russian hacking released Friday accused Russian President Vladimir Putin of ordering the effort to help elect Trump . It warned that Russia would use lessons learned from the effort to disrupt elections of U.S. allies . USA TODAY Intel chiefs : We 're certain that Russia tried to influence U.S. election In 2007 , Putin told the Munich Security Conference that the United States ’ effort to spread its form of democracy was an insidious threat to Russia and other nations and that his government would push back . Russian sabotage of Western computer systems started that same year . In 2007 , Estonia accused hackers using Russian IP addresses of a wide-scale denial of service attack that shut down the Internet in the former Soviet republic and one of NATO ’ s newest members . According to The Guardian newspaper , the attacks came in waves that coincided with riots on May 3 , 2007 , over the statue , whose removal drew objections from Russia and Russian-speaking Estonians , and on May 8 and 9 , when Russia celebrated its victory over Nazi Germany . They blamed the attacks on a pro-Russia group called CyberBerkut . Hudson analyst Thoburn , who was working as an election observer in Ukraine at the time , said the Ukrainians were able to get around it by deleting their entire system and restoring it from a backup that was not contaminated . Ukrainian officials have also accused Russia of being behind a power grid attack in December 2015 that cut power to 80,000 in western Ukraine . In overt actions against Ukraine , Russia seized the province of Crimea in 2014 and helped armed separatists launch a rebellion in eastern Ukraine . German intelligence in 2015 accused Russia of hacking Attack.Databreach at least 15 computers belonging to members of Germany ’ s lower house of parliament , the Bundestag , and stealing data Attack.Databreach . Germany ’ s Federal Office for the Protection of the Constitution ( BfV ) said the attack Attack.Databreach was conducted by a group called Sofacy , which “ is being steered by the Russian state . '' BfV chief Hans-Georg Maassen told Reuters in November that Moscow has tried to manipulate the media and public opinion through various means , including planting false stories . One in 2015 by Russian media was about a German-Russian girl kidnapped and raped by migrants in Berlin . German Chancellor Angela Merkel said she could not rule out Russian interference in Germany 's 2017 federal election through Internet attacks and disinformation campaigns . The country 's Central Election Commission had been hacked during a referendum and local elections in 2015 that was almost certainly linked to Russia and a group that had hacked NATO headquarters in Brussels in 2013 , then-President Rosen Plevneliev told the BBC in November . `` The same organization that has attacked Attack.Databreach the ( German Parliament ) — stealing Attack.Databreach all the emails of German members of Parliament — the same institution that has attacked Attack.Databreach NATO headquarters , and that is the same even that has tried to influence American elections lately and so in a very high probability you could point east from us ” ( to Moscow ) , Plevneliev said . A pro-Russian political novice was elected in November to replace Plevneliev . The Vienna-based Organization for Security and Cooperation in Europe , whose tasks include monitoring elections across Europe and the conflict in eastern Ukraine , was attacked in “ a major information security incident ” in November , spokeswoman Mersiha Causevic Podzic said . The incident “ compromised the confidentiality ” of the organization ’ s IT networks , Podzic said . The French daily Le Monde , which first reported the incident , cited a Western intelligence agency attributing the attack to the Russia-linked group APT28 , aka Fancy Bear , and Sofacy . Russia , a member of the OSCE , has objected to the group ’ s criticism of Russian-backed forces battling the Ukrainian government in eastern Ukraine . Russian hackers posing as the “ Cyber Caliphate ” were suspected of attacking France ’ s TV5Monde television channel in 2014 , causing extensive damage to the company ’ s computer systems , FireEye , a cyber security firm that examined the attack , told BuzzFeed . The attack involved posting of Islamic State propaganda , but appeared to use the same servers and have other similarities with Russian-linked APT28 , the group that is a suspect in attacks on the Democratic National Committee , the OSCE and several other European countries . “ APT28 focuses on collecting intelligence that would be most useful to a government , ” FireEye said . “ Specifically , since at least 2007 , APT28 has been targeting privileged information related to governments , militaries and security organizations that would likely benefit the Russian government ” . The security chief of France 's ruling Socialist Party recently warned that the country 's presidential election this spring is at risk of being hacked . Hackers in 2014 attacked Attack.Databreach the Warsaw Stock Exchange and at least 36 other Polish sites , stealing data Attack.Databreach and posting graphic images from the Holocaust . The group that claimed responsibility , CyberBerkut , is the same Russian-linked group that attacked Ukrainian sites . The group , posing as Islamic radicals , stole Attack.Databreach data and released Attack.Databreach dozens of client log-in data , causing mayhem for the exchange , according to Bloomberg News . Dan Wallach , a computer scientist at Rice University who testified about election computer security on Capitol Hill in September , said definitive proof of who conducted an attack would reveal methods and sources who would be lost or killed if exposed . “ You ’ re never going to have definitive attribution , ” Wallach said in an interview . “ The proof is some crazy top secret thing and not for public dissemination ” .

These ATM heists are the work of a group of hackers that 's been active for years . Most recently , starting 2016 , this group has switched to using legitimate Windows apps and fileless malware to hack into government agencies and banks in at least 40 countries . Because those attacks used stealthy techniques that left a minimal footprint on infected servers , investigators were n't able to detect what the crooks were after . Nevertheless , they suspected the hackers stole Attack.Databreach data from infected systems , albeit they did n't know what data . More clues about these attacks came to light only recently . Security researchers from Kaspersky Lab , the ones who identified the initial attacks this February , believe they uncovered the purpose of some of the bank hacks . Presenting at the Security Analyst Summit ( SAS ) held these days in St. Maarten , Kaspersky Lab researchers said crooks broke into the networks of various banks using various exploits , where they used legitimate Windows tools and PowerShell malware to escalate their access to nearby systems . Their target was the system that managed the bank 's ATM network . Hackers used this system 's remote management feature to connect to the ATMs via RDP . They then transferred and installed a new breed of ATM malware on these machines , which Kaspersky Lab experts called ATMitch . This malware worked by reading a local command.txt file for instructions . When attackers knew they had partners in front of specific ATMs , they 'd upload instructions to the command.txt file and the malware would execute them , spewing out cash . Based on log entries , researchers believe the ATM printed on its screen the words `` Catch some money , bitch ! '' It is unknown how many ATMs attackers emptied using this technique because the malware would self-delete once the attack would end , cleaning up all its files . It was only by accident that on one ATM the malware left behind a file named `` tv.dll . '' After further digging around , researchers were able to discover how the malware worked and traced it back to banks compromised by the same group they uncovered this past February . Right now , researchers tracked down only two incidents with ATMitch , to a bank in Russia and one in Kazakhstan , but they believe that many more have also taken place . The only problem is that detecting either the hacked bank or the hacked ATM is almost impossible as most of the malicious behavior takes place via self-deleting malware and malicious PowerShell scripts executing in memory , without leaving any artifacts on disk . Once the bank server/computer or the AMT is rebooted , most of the clues are wiped from memory . ATMitch is not the first ATM malware strain that works by forcing ATMs to empty their cash dispensers . Other strains are GreenDispenser , and recent versions of the Alice and Ploutus ATM malware

On April 14 , the company disclosed to the California attorney general that a December 2015 breach Attack.Databreach compromised Attack.Databreach more sensitive information than first thought . It also disclosed new attacks Attack.Databreach from earlier this year that exposed Attack.Databreach names , contact information , email addresses and purchase histories , although the retailer says it repelled most of the attacks . The dual notifications mark the latest problems for the company , which disclosed in early 2014 that its payment systems were infected with malware that stole Attack.Databreach 350,000 payment card details . Over the past few years , retailers such as Target , Home Depot and others have battled to keep their card payments systems malware-free ( see Neiman Marcus Downsizes Breach Estimate ) . The 2015 incident started around Dec 26 . In a notification to California about a month later , the retailer said it was believed attackers cycled through login credentials that were likely obtained Attack.Databreach through other data breaches Attack.Databreach . A total of 5,200 accounts were accessed Attack.Databreach , and 70 of those accounts were used to make fraudulent purchases . Although email addresses and passwords were not exposed Attack.Databreach , the original notification noted , access Attack.Databreach to the accounts would have revealed names , saved contact information , purchase histories and the last four digits of payment card numbers . The affected websites included other brands run by Neiman Marcus , including Bergdorf Goodman , Last Call , CUSP and Horchow . According to its latest notification , however , Neiman Marcus Group now says full payment card numbers and expiration dates were exposed Attack.Databreach in the 2015 incident Attack.Databreach . The latest attack disclosed by Neiman Marcus Group , which occurred around Jan 17 , mirrors the one from December 2015 . It affects the websites of Neiman Marcus , Bergdorf Goodman , Last Call , CUSP , Horchow and a loyalty program called InCircle . Again , the company believes that attackers recycled other stolen credentials in an attempt to see which ones still worked on its sites . It appears that some of the credentials did unlock accounts . The breach Attack.Databreach exposed Attack.Databreach names , contact information , email addresses , purchase histories and the last four digits of payment card numbers . It did n't specify the number of accounts affected . The attackers were also able to access Attack.Databreach some InCircle gift card numbers , the company says . Web services can slow down hackers when suspicious activity is noticed , such as rapid login attempts from a small range of IP addresses . Those defensive systems can be fooled , however , by slowing down login attempts and trying to plausibly geographically vary where those attempts originate . For those affected by the January incident , Neimen Marcus Group is enforcing a mandatory password reset . It 's an action that 's not undertaken lightly for fear of alienating users , but it 's a sign of how serious a service feels the risk is to users or customers . The company also is offering those affected a one-year subscription to an identity theft service .

Criminals are still trying to shake down Attack.Ransom users of the Ashley Madison dating/cheating online service . As you might remember , the service was hacked Attack.Databreach in 2015 , and the attackers stole Attack.Databreach sensitive personal and financial data of 37 million users , and later dumped it online . Since then , cyber criminals have been attempting to monetize this data by sending emails to users whose info they found in the dump , threatening to reveal all of it to the target ’ s nearest and dearest , and asking for money Attack.Ransom in exchange for silence . The emails generally contain some of the target ’ s personal data as to make the threat believable , and often claims that the attackers have found the target ’ s Facebook account and , therefore , have the means to contact their friends , family , and employer . In this latest round of blackmail attempts Attack.Ransom , they are threatening to set up a site and publish all the stolen information . “ On May 1 2017 we are launching our new site – Cheaters Gallery – exposing those who cheat and destroy families . We will launch the site with a big email to all the friends and family of cheaters taken from Facebook , LinkedIn and other social sites . This will include you if do not pay to opting out , ” the email says , as noted by ZDNet ’ s Robin Harris , who received one . The extortionists are asking for Attack.Ransom some $ 500 ( in Bitcoin ) . It ’ s impossible to tell whether these crooks are the same ones that mounted previous email blackmail attempts Attack.Ransom . What is definitely obvious is that they are betting on there still being some users with too much to lose if the information gets out . Harris did not share the contents of the email he received , but recipients can be sure that if their Facebook or other social media account isn ’ t specified in it , the blackmailers haven ’ t actually connected the two accounts . More likely than not , they have simply written a script that takes specific info from the Ashley Madison data dump Attack.Databreach , inserts it in a template email , and fires these emails off to as many recipients as possible .