
1.4M Viator customer accounts possibly compromised

2014 September 20
by Todd Plesco

Viator, Inc., acquired in July by TripAdvisor, has announced that approximately 1.4 million customer accounts may have been compromised.  It is believed that the exposure includes almost 880,000 of those customers' credit card numbers with expiry date, billing address, email address, login/password and name.



$2.7M Schools First Credit Union IT embezzlement

2014 September 19
by Todd Plesco

In a four-count mail and wire fraud case, David Lugo, Vice President of Information Technology (IT), has signed a plea agreement which outlines how he embezzled nearly $2.7 million in IT funds.  He apparently used the funds to pay for his daughter's USC tuition, new cars, lavish vacations, jewelry, and cosmetic dental work.

He started as a systems administrator and worked his way up to IT leadership as vice president for his (former) employer, SchoolsFirst Credit Union (SFCU).  SFCU is local to Santa Ana, California and has $10 billion in assets and approximately 45 branches.  Lugo eventually began to buy unnecessary equipment, such as Cisco routers, which he would turn around and privately re-sell at a personal profit.  Unfortunately, the inventory, effective use, and disposal of these purchases were not adequately monitored.  As a precaution, Mr. Lugo later tried to delete his purchasing history from the computing environment.

The fraud was only detected a few months ago and eventually reported to the FBI.

Mr. Lugo is slated to appear in court on October 6, 2014 and eventually to formally enter a guilty plea.  The maximum prison term for this embezzlement is 80 years.

Insider threats such as employee theft can manifest under some of these organizational factors:

  • Availability and ease; allowing access to those who don't need it
  • Information/assets are not adequately labeled, identified, or inventoried upon purchase, use, decommissioning, or disposal
  • Ability to exit a worksite or expected location while undetected with assets
  • An organizational perception that security is lax and theft consequences are minimal/non-existent
  • Rushed deadlines on projects or systems which encourage inadequate consideration or actual protection to assets
  • A lack of support for training on how to properly protect information/assets

Did Social Media prolong the Westgate Nairobi siege?

2014 September 16
by Todd Plesco

The terror group al-Shabaab (“the Youth”), which originated in Somalia, attacked a Nairobi, Kenya shopping mall on September 21st, 2013, and the attack lasted until September 24th.  At least sixty-seven people died, including four of the attackers.  Additionally, over 175 people were injured in the mass shooting by the gunmen.

Many Twitter users were giving live real-time updates for the duration of the siege.  One particular pair of tweets included photos purporting to be of the attackers (but later discovered to be of Kenyan police forces).  Those two tweets saw over 80 re-tweets in just under 30 minutes.  After two days, the two Twitter posts were removed following law enforcement requests.

Between September 21st and 25th, Kenya Police tweeted approximately 570 times while al-Shabaab tweeted about 260 times.  The real takeaway is that an audit by Israeli experts revealed that over 67,849 tweets from bystanders over four days may have put the lives of first responders at serious risk.

One news site comment by alias “paidpaipa” pointedly exclaimed, “…Assuming each twit took 1 minute to compose and post, then our police (yaani IG Kimaiyo) wasted 569 minutes, and Lenku {current Cabinet Secretary of Kenya} burnt 1533 minutes….2102 minutes in 4 days. That’s a whole 35 hours within the 96 hours the siege lasted. You tell me, how many lives could have been saved if someone was actually in the war room making life saving decisions?”