Risk
2/4/2009
05:44 PM
Connect Directly
RSS
E-Mail
50%
50%

Federal Workers Warned Of Potential Data Compromise At SRA

Virus found on government contractor's network could threaten sensitive data

Federal government employees are being notified of a potential compromise of personal information following the discovery of a virus on the network of SRA International, a major government contractor.

In a breach disclosure notification submitted to the Maryland attorney general's office on Jan. 20 (PDF), SRA revealed that it has launched an investigation into the virus. The company is "swiftly implementing mitigation and remediation actions to eradicate the virus," the notification says.

This is the second time that SRA has suffered a publicly disclosed security breach. In July 2007, the Associated Press reported that it was able to pull sensitive documents directly from SRA's anonymous FTP server, enabling reporters to gain access to military networks. The servers were subsequently pulled down and replaced with more secure servers, according to news reports.

SRA has not disclosed details on what the virus looks like or how it might have gotten onto the SRA network. The company did say that the malicious software may have allowed hackers to get access to data maintained by SRA, including "employee names, addresses, Social Security numbers, dates of birth, and health care provider information."

The virus was apparently not detected by the company's antivirus software, according to the notification letter. SRA says it is working with its antivirus vendor to add the ability to detect the malware. The company also says it believes that other companies may have been hit by the same problem.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6335
Published: 2014-08-26
The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x before 6.2.5.3, 6.3.x before 6.3.2, 6.4.x before 6.4.2, and 7.1.x before 7.1.0.3 on Linux and AIX, and 5.x and 6.x before 6.1.5.6 on Solaris and HP-UX, does not preserve file permissions across backup and ...

CVE-2014-0480
Published: 2014-08-26
The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a // (slash slash) in a URL, which triggers a scheme-relative URL ...

CVE-2014-0481
Published: 2014-08-26
The default configuration for the file upload handling system in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 uses a sequential file name generation process when a file with a conflicting name is uploaded, which allows remote attackers to cause a d...

CVE-2014-0482
Published: 2014-08-26
The contrib.auth.middleware.RemoteUserMiddleware middleware in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3, when using the contrib.auth.backends.RemoteUserBackend backend, allows remote authenticated users to hijack web sessions via vectors relate...

CVE-2014-0483
Published: 2014-08-26
The administrative interface (contrib.admin) in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not check if a field represents a relationship between models, which allows remote authenticated users to obtain sensitive information via a to_field ...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.