Local company's system hacked; employee info stolen
Green Bay Police say they are investigating the hacking of a local corporation's computer network, resulting in the theft of "significant amounts of money" from employees.
At the corporation's request, police are not identifying the company that was attacked, but they say it's a large local employer with its own IT department.
Officers say the hackers got into the human resources software and stole personal information from employees, including bank routing numbers.
"So then they were reporting that there was several hundred thousand dollars potential of theft from the employees and from the company itself, that their bank accounts had been compromised," said Capt. Jeremy Muraski, Green Bay Police Department.
Police say the vulnerability was a known issue and the company failed to install a security patch. That patch had been made available in October of 2017.
"There are server software, for servers that face the public, the public facing side of their company, websites typically," Muraski says. "And in this particular case, the company did not update their server to the latest security patches that came out from the server vendor.
"And that was a known exploit or known vulnerability or problem within their software. They didn't take the full precautionary steps that they could have to install the latest security patches. And the cyber actor or cyber actors took advantage of that exploit. They knew it was a flaw and they just happened to find the server that wasn't protected."
Police believe the breach happened several days ago. Employees started noticing that something was wrong.
"It did take a little bit of time before it was reported to us, so I think it was the kind of thing where an employee starting noticing something, then another employee started noticing something," Muraski says. "And all of a sudden, they said, 'hey there's a pattern here. What happened?'"
We asked Capt. Muraski if victims will be able to get their money back. He said, "probably." However, this could cause major financial headaches for people who lost a lot of money to the hackers.
"Typically, hopefully, because the banks would be insured they would, but the company may not have that same recourse. And depending on where the accounts are coming from and things like that, it could significantly damage that company and individuals in the meantime," Muraski says. "All of a sudden you're bouncing checks because you thought you had a couple thousand dollars in your account. All your bills go out, get paid, but there's no money to support it, so then you have a bunch of creditors after you. So it leaves kind of a trail of destruction in its wake for sure."
Muraski recommends everyone check bank accounts on a daily basis.
He also says it's a good idea to use services like Apple Pay and Samsung Pay, as they're more secure than cards and checks.
"Especially with online banking, we can't stress that enough. We've seen everything in Green Bay, little old Green Bay, but we have people using credit card skimmers. We have people hacking into personal information on company's websites or through their databases," Muraski says. "So use your bank account securely. Use it wisely. If you have a smartphone or have the ability to pay through an encrypted service, whether it's thumb print, Apple Pay, Samsung Pay, something like that, all those things are much more secure than obviously writing a paper check or using an ATM or anybody could observe what your PIN number is, things like that."
Muraski stresses the importance of installing the latest updates and security patches on your home computer.
"And for the home computer users, making sure your anti-virus is up to date, your anti-malware software is there. Maybe your internet firewall is updated frequently," Muraski recommends.
Police say they know of no other companies impacted in this area.
However, this has happened in other parts of the state. Green Bay Police are working with the FBI.
"One of the steps I took... I took and emailed some information to security professionals from that industry in town here, just to make it known," Muraski says. "And that's the other reason we wanted to put this out to the media right away is in case there are other companies we didn't think of to notify.
"We wanted everybody in the area to know, hey, this could be a geographically-targeted attack. They could be going after other businesses in our area, especially once they found out that there was one that was vulnerable. They would probably try to hit a few others."
We spoke with Mike Teske, an IT and Security Instructor at Northeast Wisconsin Technical College. His advice: Don't Panic.
"I mean there's checks in place, protections, FDIC, all these different things that people can at least feel a little bit safe that, OK, they can do some mitigation factors," Teske says.
It may seem like a chore, but it's important to use different passwords for different accounts.
"Companies, home, whatever, change your passwords regularly. It sucks, I know, but it is something we have to do," Teske says. "And it doesn't have to be this overly complex, cryptic password, just make a long password, 15 characters a pass phrase."
If the password requires an upper case letter, don't put it at the beginning. The hackers assume most people will do that.
If the password requires a number, don't put it at the end.
"People say, 'alright, I've got to have a number and an upper case character. Well what character is going to be upper case? It's going to be the first one. Now you've given the hackers, now they know that," Teske says. "Where do you put the number? So, we're not really being real complex when we just follow those same practices."
MORE STORIES ON PROTECTING YOUR CYBER LIFE: