NorQuest College woes of alleged harassment in IT data theft

NorQuest College is in Edmonton, Alberta and Clarence Orleski was the manager of technology infrastructure until being terminated on December 4, 2012 by executives Shawn Terlson and John Smith.  Apparently, Orleski did not get along with Smith and on a September 20, 2012 morning of a planned meeting Smith received an email from Orleski stating:

"I've been wanting to touch base with you and get the name (and contact info) of the lady you introduced to me back in the late fall last year…

I forget her name, but she is the one that you and her thought no one was in the office at the time. I was going to interrupt the two of you, but I felt I might be intruding on something, so I just hung around for a while. 🙂

…I think her name was (woman's name)"

Orleski then went to the meeting and exclaimed he couldn't stand the sight of Smith and requested to work from home until his planned retirement of March 2013.  The request was denied and Orleski was given a disciplinary warning.

The next day, September 21, Orleski allegedly ran DBAN on his NorQuest work laptop to wipe his hard disk.  A few days later, Orleski was reprimanded by Smith for a $10,000 phone bill on his work phone and iPad while on vacation in Europe.  Smith told Orleski that he was not expected to be available (i.e. not to expect the college to pay the bill.)  Orleski then went on sick leave for two months until his firing.

January 21, 2013, NorQuest college then terminated Terlson.  Terlson then received an email:

"I guess what I'm trying to figure out is which one are you? 'Dumb' or 'Dumber'… Don't worry, Mr. pretty boy (Smith) won't be far behind you…

On February 19, 2013, dozens of executives and staff at NorQuest college received an email full of PDFs which started with:

"What you're about to read is correspondence of a sexual nature between myself (John Smith) and my little playful sweetie"

On March 1st, 2013, a court order was issued and Orleski's personal computer, iPad, phone, and other storage were confiscated by that afternoon.  A $2 million claim of damages was made by the college but a settlement was made in 2015 and the lawsuit ended in January 2016.  In the end, a privacy breach was uncovered of unrelated materials stored on the 2.4 gigabytes of 45,920 files in a folder on Orleski's computer including financial data, employee personnel information, and an employment contract of the college president. 

Breach of ? 47k Asiana Airlines passports & bank details

Asiana Airlines’ passengers had images of their scanned passports showing data as old as September 2014 from an exposure of its website which revealed attachments from customer query emails. The exposure appears to have been from the Frequently Asked Questions (FAQ) section of their website and files saved their since May 2015.
Immediately after the discovery, Asiana temporarily shut down its server for the FAQ section.
Korea Internet and Security Agency has launched an external investigation to look at the violation of Korea’s 2011 Personal Information Protection Act.
Other websites which may face the same investigative scrutiny that were built by Asiana are Air Busan and Air Seoul.

Passport of Asiana Air Customer
Passport of Asiana Air Customer

Easy Giving – Support the Cause

Just a reminder that shopping is a new and easy way to give to Information Security Pro. At infosecpro.causenetwork.com, over 1,000 stores donate up to 10% of every purchase back to us. It is just that easy, and it does NOT cost you any extra.

Please go to infosecpro.causenetwork.com now, add the site to your “favorites”, and remember us when you need to shop. We’re really humbled by your generosity, and the difference you’re making in the information security world. Thanks for being a supermember of the Information Security Pro community.

Thank you for your ongoing support.

download

105 busted in global credit card fraud

What do the UK, Netherlands, Germany, Belgium, and Malaysia all have in common?
If you answered "a Credit Card syndicate which was disrupted by Europol's European Cybercrime Centre (EC3)" then you are correct.

The Organized Criminal Group (OCG) which was creating and abusing counterfeit credit cards all across Europe and in Malaysia recently had 3,000 counterfeit cards confiscated along with jewelry, cash, and fake passports.  

OCG was created in Malaysia and has been committing credit card fraud schemes by abusing less secure locations for shopping such as duty-free shops in airports and electronic stores and buying high priced ticket items.  Through cooperation of American Express with the EC3 and local law enforcement around the globe, the investigation running since end of 2015 was able to successfully capture 105 suspects.

Information Assurance & Cyber Security Research and Education, a 501(c)(3)