On Tue, Mar 11, 2014 at 9:10 AM, Kevin Miller <atftb2@alaska.net> wrote:
> On 03/11/2014 03:42 AM, Royce Williams wrote:
> snip
>
> As to the ACS compromise, I have zero knowledge of the actual controls
>> that ACS had in place (different part of the house), but from the
>> notification sent to employees (and former employees, of which I am
>> one) and the KTUU piece [1], it appears that ACS couldn't definitively
>> tell which information was exfiltrated. They have to assume worst
>> case. This is a strong argument for having controls in place that
>> leave a trail of which data went where. Some of the components of
>> Security Onion [2] -- strongly recommended for the security-minded (or
>> security-curious) -- can help here. Also, disk is relatively cheap
>> these days, so saving network flows for a few months (or even full
>> packet capture for a few rolling days) is probably also a good idea.
>>
>
> Kinda funny the information Greg posted comes from an AG clear across the
> country. The KTUU article said it was employees and former employees.
> Does it include customers too? Either I haven't received it, or it was
> deleted as spam along with the all the other "ACS webmail administrator"
> phishing spam that comes in daily.
>
There's been no mention of customer PII being at risk.
> As an aside, what happened to the internet status page? My home internet
> dropped this morning so when I got to work I went to the ACS home page but
> can no longer find the current status/outages page...
When was the last time that you saw one? There hasn't been an actively
maintained one (that I am aware of) since shortly after the Internet Alaska
days (so about 13 years).
Royce
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Wed Mar 12 06:59:53 2014
This archive was generated by hypermail 2.1.8 : Wed Mar 12 2014 - 06:59:53 AKDT