MBIA hacked, server misconfiguration allowed illegal data access

A security breach appears to have exposed 230 pages of customer credentials and account numbers to hackers, says the United States' largest bond insurer. An intrusion was discovered on a server housing data on an assets management firm the insurer had just agreed to sell.

MBIA, the Municipal Bond Insurance Association, said the server housing Cutwater Assets Management data may have been compromised by individuals who took advantage of a misconfiguration in an Oracle Reports server.

"We have been notified that certain information related to clients of MBIA's asset management subsidiary, Cutwater Asset Management, may have been illegally accessed," said MBIA spokesman Kevin Brown. "We are conducting a thorough investigation and will take all measures necessary to protect our customers' data, secure our systems, and preserve evidence for law enforcement."

MBIA reported to the U.S. Securities and Exchange Commission its intent to sell Cutwater Holdings LLC to the Bank of New York Mellon Corp. on Monday, Oct. 6, though it said the sale of the firm would have minimal effect on its finances. That same day, Bryan Seely, of Seely Security, informed MBIA that he discovered evidence that a server holding Cutwater data had been compromised.

Seely discovered the compromise when he queried it with a search engine and he said the breached server left open a door to enough financial data that he could have used it to buy his own planet. The breach is that massive, says Seely, who compares the intrusion to heist at a vault guarded by just a slumbering security guard.

"Malicious hackers finding dozens of universities or companies with Social Security numbers, health data or other information is devastating, but stumbling on bank accounts and the instructions for how to empty them is potentially catastrophic," says Seely. "Billions in taxpayer funds, invested into one of the largest institutions in the world that were essentially being guarded by a sleeping security guard. What happens to those states when the money disappears?"

MBIA's security problems come just days after several Yahoo servers were pried open by the backdoor vulnerability known as Shellshock. Yahoo said it has found no evidence that any customer information was accessed.

"As soon as we became aware of the issue, we began patching our systems and have been closely monitoring our network," said Elisa Shyu, a Yahoo spokeswoman. "We isolated a handful of our impacted servers and at this time we have no evidence of a compromise to user data."

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics