Friday, October 10, 2008

World Bank Hacked Big Time

While it remains unclear how much data has been pilfered from the bank, it's a lot. According to internal memos, "a minimum of 18 servers have been compromised," including some of the bank's most sensitive systems — ranging from the bank's security and password server to a Human Resources server "that contains scanned images of staff documents." Story

[Update: Monday, Oct 13]
There is some pushback from a World Bank spokesperson, who claims: "The Fox News story is wrong and is riddled with falsehoods and errors. The story cites misinformation from unattributed sources and leaked emails that are taken out of context."

True, Fox News is the only news source reporting on this story (other stories all link back to this one), but this also sounds like some spin control by the bank. It looks like Fox is mostly basing this story on a few emails they acquired.

From the emails:
"it was determined that the suspicious incident was indeed the result of a compromised, privileged, account."

"Two-factor authentication on all Admin accounts is being completed. Passwords have been changed on all administrator and service accounts"

The email contains a list of the servers that were compromised. This list includes WBDC104 (Domain Controller) and WBES126 (HR Server). So, we have a compromised privileged account, two-factor authentication being implemented and passwords being changed on all other admin accounts, and a compromised domain controller. This still looks pretty bad.

Take a look for yourself.

Email 1
Email 2

-Michael Coates