CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
April 17th, 2008

Unauthorized Access To Stryker Corporation Employees Database

On February 18, 2008, Stryker Instruments, a division of Stryker Corporation, discovered that an unauthorized user recently gained access to its virtual private network (VPN) multiple times over a period of several months. One of the servers accessed by the unauthorized user contained a database of Social Security numbers of certain employees in 48 different states and Puerto Rico.

Stryker immediately disabled the domain administrator service account through which the unauthorized user had accessed the VPN. It then promptly began investigating the incident and engaged an independent computer forensics investigator to determine the scope of the breach and the identity of the unauthorized user. The investigation revealed that the unauthorized user accessed several Stryker servers and applications. Stryker and its computer forensics investigator were unable to conclude whether the database was actually accessed or whether any Social Security numbers were acquired.

Based on the manner in which the user acquired access to Stryker’s network and the user’s network activity, Stryker believes the unauthorized user is a former employee with prior knowledge of the network. Stryker suspects a particular employee, but has been unable to confirm whether that individual is, in fact, the unauthorized user. Stryker contacted the office of its local U.S. Attorney and the Federal Bureau of Investigation in Kalamazoo, Michigan to inquire whether the FBI would investigate the matter further. On March 20, 2008, the FBI informed Stryker that based on current information, it would not pursue a criminal investigation.

Stryker mailed a notice of the security incident to each potentially affected employee on April 10, 2008.

To prevent future security breaches of this nature, Stryker took several actions immediately after discovering the breach: it discontinued access to the VPN through the domain administrator service accounts, performed an audit of its privileged access accounts and eliminated any unnecessary service accounts, changed the passwords of all service accounts, and implemented a policy prohibiting user password changes via telephone. Stryker also plans to implement a number of additional preventative measures in the coming months.

If you have any questions or believe you may have an identity theft issue, please call ID TheftSmart member services at 1-800-588-9839 between 9:00 a.m. and 6:00 p.m. (Eastern Time), Monday through Friday.
