
Critical Infrastructure News


How a hack almost sprung a prisoner out of jail

We’re all hopefully familiar with the notion that criminals can phish details from unsuspecting computer users by creating copycat websites.

To make a phishing page appear more legitimate, a scammer might register a domain with a similar-looking URL – for instance, appIe.com rather than apple.com (hint: if you didn’t notice, the first “appIe” had a capital “i” in its name rather than an “l”).

But would it surprise you to hear that similar devious URL trickery could also potentially help a hacker spring one of his buddies from prison?

Last week, Konrad Voits from Ann Arbor, Michigan, pleaded guilty to breaking into the computer systems of Washtenaw County in an attempt to – ultimately – extract an inmate from the prison system.

The 27-year-old hacker’s plan hinged upon the creation of a website called ewashtenavv.org (note the two “v”s at the end), designed to look like the genuine website for Washtenaw County, ewashtenaw.org.

In early 2017, Voits sent emails to County employees claiming to be a “Daniel Greene” and requesting help with court records. He also phoned employees posing as actual members of the County’s IT staff, in an attempt to trick workers into visiting the bogus website, supposedly to “upgrade the County’s jail system”. Visiting the site would actually result in the installation of malicious code.

Unfortunately, some staff fell for Voits’s trick, and malware was installed on the County network.

With that bridgehead in place, Voits was able to gain full access to the County’s systems, including the passwords, usernames and personal information of 1600 employees and – most interestingly – the XJail software it used to monitor and track jail inmates.

With the login credentials to the prison management system in his hands, Voits attempted to change the records of one prisoner to arrange their early release.

It’s at this point that the County’s luck changed. Employees at Washtenaw County Jail spotted that something strange was afoot and alerted the FBI, and no prisoners were released early as a result of the hack.
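
Both look-alike tricks described above (appIe.com for apple.com, ewashtenavv.org for ewashtenaw.org) can be caught mechanically by collapsing confusable characters before comparing a domain against the ones an organisation wants to protect. The following Python is an added example, not code from the original article; the function names, the protected-domain list and the confusable map (a constructed subset, not a full homoglyph table) are assumptions made for illustration.

```python
from typing import List, Optional

# Constructed subset of visually confusable substitutions (assumption, not exhaustive).
# Multi-character sequences that imitate a single letter:
CONFUSABLE_SEQUENCES = [("vv", "w"), ("rn", "m"), ("cl", "d")]
# Single characters that imitate another letter; applied before lowercasing,
# because capital "I" and capital "O" only look deceptive in their upper-case form.
CONFUSABLE_CHARS = {"I": "l", "1": "l", "|": "l", "0": "o", "O": "o"}

# Domains the defender wants to protect (taken from the article's two examples).
PROTECTED = ["apple.com", "ewashtenaw.org"]


def skeleton(domain: str) -> str:
    """Reduce a domain, as displayed to the user, to a form where look-alikes collapse."""
    shown = domain.strip().rstrip(".")
    out = "".join(CONFUSABLE_CHARS.get(ch, ch) for ch in shown).lower()
    for seq, repl in CONFUSABLE_SEQUENCES:
        out = out.replace(seq, repl)
    return out


def find_impersonated(candidate: str, protected: List[str]) -> Optional[str]:
    """Return the protected domain that `candidate` visually imitates, or None."""
    shown = candidate.strip().rstrip(".")
    # DNS names are case-insensitive, so a case-only difference is the real domain.
    if shown.lower() in {p.lower() for p in protected}:
        return None
    for real in protected:
        # Skeletonise both sides so legitimate "rn"/"cl" in a real name still match.
        if skeleton(shown) == skeleton(real):
            return real
    return None


if __name__ == "__main__":
    # Constructed sample of domains as they might appear in inbound email links.
    seen = ["ewashtenaw.org", "ewashtenavv.org", "appIe.com", "example.org"]
    for d in seen:
        target = find_impersonated(d, PROTECTED)
        print(f"{d}: {'imitates ' + target if target else 'no match'}")
```

The check works on the domain as it is displayed, which is what the victim sees; mail gateways or proxy logs that lowercase hostnames will have already lost the capital-“I” case.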


PayPal Says 1.6 Million Customer Details Stolen in Breach at Canadian Subsidiary

PayPal says that one of the companies it recently acquired suffered a security incident during which an attacker appears to have accessed servers that stored information for 1.6 million customers.

The victim of the security breach is TIO Networks, a Canadian company that runs a network of over 60,000 utility and bills payment kiosks across North America. PayPal acquired TIO Networks this past July for $238 million in cash.

On November 10, PayPal suspended the operations of TIO's network. The company admitted that a security breach took place, but did not provide any other details.

In a press release published in a late Friday afternoon news dump, PayPal provided more details about the incident:

“A review of TIO’s network has identified a potential compromise of personally identifiable information for approximately 1.6 million customers. The PayPal platform is not impacted in any way, as the TIO systems are completely separate from the PayPal network, and PayPal’s customers’ data remains secure.”

PayPal says the intruder(s) got access to the personal information of both TIO customers and customers of TIO billers. The company did not reveal what type of information the attacker accessed, but since this is a payment system, attackers most likely obtained both personally-identifiable information (PII) and financial details.

As data breach laws require, PayPal has now started notifying customers and is offering free credit monitoring memberships. TIO users can also visit the TIO Networks website for more details.