Banking and Finance Sector

Extracted from the 5/14/2008 DHS Daily Open Source Infrastructure Report (Website)

15. May 13, Associated Press (National) Pfizer: personal information on employees on stolen laptop. There has been another computer security breach at Pfizer Inc., this time it is the theft of a laptop containing information on thousands of employees, including 5,000 in Connecticut. It is the second such breach in a month. Information on Pfizer employees was compromised when a company laptop and flash drive were stolen from an employee's vehicle about a month ago, the company said Monday. The company would not identify the location of the theft. More than 65,000 data-breach notifications have been sent out by Pfizer over the past year. The company has told affected employees, including many at Pfizer Global Research and Development campuses in Groton and New London, Connecticut, that no Social Security numbers were on the encrypted laptop in the latest theft. But names, home addresses, home telephone numbers, employee identification numbers, positions and salaries are on an unencrypted flash drive. The flash drive contained two worldwide reports with information from various Pfizer divisions, including animal health, finance, human resources, legal and medical, in addition to the local R&D headquarters, which employs about 5,500 people in Groton and New London, according to the company.
Source

16. May 13, Bloomberg (National) SEC warns exchanges about overstating market share, people say. Nasdaq OMX Group Inc. and NYSE Euronext were warned by the U.S. Securities and Exchange Commission (SEC) against inflating monthly marketshare figures to lure business, people with direct knowledge of the matter said. The head of the SEC trading and markets division sent letters to the exchanges last month cautioning them not to overstate trading volumes, the sources said. The letters said exaggerated press releases could mislead investors and help exchanges draw customers, according to the people, who declined to be identified because the correspondence was private. At issue are about 1.86 billion shares that brokerages pair off for customers outside of an exchange. The official's letters expressed concern exchanges may take credit for those trades, which are only reported after completion in one of the three socalled Trade Reporting Facilities, the people said.
Source

17. May 13, Buffalo News (National) Small businesses to get refunded for online directory scam. A New York City-based business has been penalized $150,000 and ordered to pay up to $3 million in restitution to small businesses in Western New York and across the country. Bright Pages, LLC, an online directory service, sent out correspondence to tens of thousands of current Yellow Pages customers, emblazoned with the words "Yellow Pages" and its "walking fingers" logo. What looked like surveys asking for verification of existing account status with Yellow Pages were actually order forms to buy listings with Bright Pages. Once the forms were filled out and returned, customers were charged $77 per month or $231 per quarter for the listings.

Source

18. May 12, Reuters (National) JPMorgan may face SEC civil charges. JPMorgan Chase & Co said on Monday that it received a notice from federal regulators indicating that one of its units may face an enforcement action related to "the bidding of various financial instruments associated with municipal securities." Last month, Bear Stearns Cos, which JPMorgan is buying, also got a notice from the U.S. Securities and Exchange Commission indicating possible civil charges, stemming from anticompetitive activity relating to bidding for municipal securities. It was unclear whether there was any relationship between the two investigations.
Source

19. May 12, Wall Street Journal (subscription) (National) Wachovia's auction-rate securities are probed by U.S., state regulators. Wachovia Corp. confirmed that its Wachovia Securities LLC and other affiliates received inquiries and subpoenas from the Securities and Exchange Commission and several state regulators regarding auction-rate securities. The firm said the regulators are seeking information concerning the underwriting, and sale and subsequent auctions of municipal auction-rate securities.
Source

20. May 12, WFIE 14 Tri-State and KFDA 10 Amarillo (National) Major disasters ravage the world. From cyclones to tornadoes to quakes, the recent disasters have created an immediate need for help. The Red Cross in Evansville, Indiana, is one of several international agencies that send relief supplies and volunteers to areas that need it. Disasters such as Monday morning's quake in China are still being assessed, but if people decide to donate, it is important to do their homework on the organization they choose. Donors can contact the Better Business Bureau (BBB) for information on several reputable non-profits. Red Cross officials said, especially now, money is needed. The BBB is offering eight tips to ensure aid goes to the right people, including those affected by the cyclone in Myanmar. They are: 1) Rely on Expert Opinion when it comes to evaluating a charity. 2) Find out if the charity has an on the ground continuing presence in Myanmar. 3) Find out who will benefit in Myanmar and what type of assistance they will be provided. 4) Be wary of claims that 100 percent of donations will assist Myanmar victims. 5) Find out if the charity is providing direct aid or raising money for other groups that are active in Myanmar. 6) Be cautious of giving online. 7) Gifts of clothing food or other in kind donations are not recommended. 8) If tax deduction is a concern, donate domestically. Sources: http://www.14wfie.com/Global/story.asp?S=8312900 and http://www.newschannel10.com/Global/story.asp?S=8304801

21. May 12, News Day (National) 5,000 Dave and Buster's customers targeted by hackers. An international computer hacking gang broke into the computerized cash registers electronically at the Dave and Buster's restaurant in Islandia, New York, and stole credit card information of 5,000 customers -- starting a flood of at least $600,000 worth of fraudulent purchases around the world, federal prosecutors said Monday. The remote break-in last year at the restaurant was part of an overall attack on the Dave and Buster's chain, which has 49 locations in the United States. It was not immediately determined if any other attacks on the Dave and Buster's chain were successful. The gang members apparently made thousands of attacks, attempting to break into computer systems around the world, including 10 other Dave and Buster's locations. The gang sold the credit card information to other unidentified people who made the actual purchases, officials said.
Source