Phishers hook data on visitors to Oak Ridge Labs

Accessed database storing personal data on those visiting between 1990 and 2004

In yet another example showing that clueless consumers aren't the only ones who fall victim to computer scams, the Oak Ridge National Laboratory yesterday disclosed that phishing attacks may have provided cybercrooks with access to personal data on people who visited the lab between 1990 and 2004.

In an e-mail sent to staffers this week, Thom Mason, director of the government research facility, reported that the lab has been the target of what he described as a sophisticated cyberattack by hackers seeking to gain access to computer networks at numerous research facilities and other government institutions across the country.

According to the note, the unknown hackers gained access to a nonclassified laboratory database, which contained personal information on people who have visited the facility in Oak Ridge, Tennessee, over a 14-year period starting in 1990.

Mason said the hackers made about 1,100 attempts to steal data by sending an unknown number of staffers a total of seven phishing e-mails. It was not immediately clear from the letter if that meant a total of 1,100 such e-mails were sent or if 1,100 separate attempts were made to send such messages to the organization.

According to Mason's e-mail, the phishing e-mails appeared legitimate and attempted to persuade recipients to open attachments or links. One of the bogus e-mails, for instance, purported to notify individuals of a scientific conference. Another pretended to notify the recipients of Federal Trade Commission complaint, he noted.

"At present, we believe that about 11 staffers opened the attachments, which enabled the hackers to infiltrate the system and remove data," Mason's note stated.

"Reconstructing this event is a very tedious and time-consuming effort that likely will take weeks, if not longer, to complete," he added. Meanwhile, he said, the lab is attempting to notify all the potential victims, whose Social Security numbers, names and dates of birth may have been pilfered.

The Oak Ridge incident is the second recent widely publicized phishing attack on a large organization. Earlier this year, grocery chain Supervalu Inc. was nearly scammed out of US$10 million by phishers.

In that incident, the company received e-mails that falsely claimed to be from two of its approved suppliers -- American Greetings and PepsiCo's Frito-Lay unit. The e-mails instructed Supervalu to send future payments to both suppliers to new bank accounts, one in Florida and the other in Arkansas.

The company sent over US$10 million to these fake accounts before realizing that it had been conned.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jaikumar Vijayan

Computerworld
Show Comments

Essentials

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Michael Hargreaves

Windows 10 for Business / Dell XPS

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?