More Data Stolen

Finjan Inc., a leader in secure web gateway products, today announced its discovery of a server controlled by hackers (Crimeserver) containing more than 500Mb of premium
data. The data included healthcare and business related data, as well as
personal identifiable information (stolen Social Security Numbers). This
data is part of the premium offering that the cybercriminals operating the
Crimeservers were selling to the highest bidder online.

The compromised data came from all around the world and contained
information from individuals, businesses, airlines and healthcare
providers. The report contains examples of compromised data that Finjan
found on the Crimeserver, such as:

- Compromised medical related data of hospitals and publicly owned
healthcare providers

- Compromised business related data of a U.S. airline carrier

- Identity theft (stolen Social Security Numbers)

Some of the implications of stolen medical and patient data include:
illegal and/or bogus treatments; obtaining prescription drugs for the
purpose of selling them; loss of health coverage for the victimized
patient; inaccurate records of victimized patients, which could result in
incorrect and potentially harmful treatments. Healthcare providers could
also face potential HIPAA violations or breach of general data protection
legislation.

Finjan's Malicious Code Research Center (MCRC) detected a Crimeserver
operated by cybercriminals who used campaigns to steal data. These
campaigns consisted of highly sophisticated attacks, incorporating
Crimeware toolkits, Trojans and Command and Control (C&C) servers to drive
traffic from a specific region, with specific characteristics.

"This report illustrates the latest development in cybercrime. It shows
the business cycle of data collecting and trading by today's
cybercriminals. Crimeware infecting PCs is a serious business problem that
has far-reaching consequences, such as impacting the security of businesses
and patients around the world," said Yuval Ben-Itzhak, CTO of Finjan. "We
see that cybercriminals go after premium data that they can trade for
substantial profit. The increase in Web-based attacks is staggering.
Industry figures include a growth of more than 200% of Web-based malware,
with an increase of over 800% in backdoor and password-stealing malware,
illustrating that sensitive corporate and medical are at risk."

According to Finjan, the fact that sensitive business, patient and
personal data were compromised in a timeframe of less than one calendar
month underscores the necessity for enterprises and organizations to have a
comprehensive security technology in place that provides effective
protection against these sophisticated threats.

The compromised data and the Crimeserver applications were detected
using Finjan's patented active real-time code inspection technology while
diagnosing users' Web traffic.