http://www.wtkr.com/news/sns-ap-va–databasebreach,0,6568639.story

RICHMOND, Va. (AP) — Virginia officials say 639 individual Social Security numbers were potentially made public and they have taken steps to ensure the information is secure and no longer available.

The Department of General Services said Friday it will review information from agencies where the data originated to determine how the database breach occurred.

Spokeswoman Susan Pollard said the numbers would have been accessible only to someone who accessed the department’s website.

We recently discovered that unauthorized intruders gained access to a Trion Worlds account database. The database in question contained information including user names, encrypted passwords, dates of birth, email addresses, billing addresses, and the first and last four digits and expiration dates of customer credit cards.

There is no evidence, and we have no reason to believe, that full credit card information was accessed or compromised in any way. We have already taken further action to strengthen our systems, even as we, with external security experts, continue to research the extent of the unauthorized access.

You will notice on your next log in to our website that you will be required to change your password, and existing Mobile Authenticator users will also need to reconnect their Authenticator. When you log in, you will be prompted to provide a new password, security questions and answers, and be given the option to connect your account to our Mobile Authenticator to enhance your account’s security.

If you have used your username and password for other accounts, especially financial accounts or accounts with personal information, we suggest you change your passwords on those accounts as well. We recommend that you carefully review your statements, account activity, and credit reports to help protect the security of those accounts. If you need information on how to obtain your credit report or believe any such accounts have been breached, please visit www.trionworlds.com/AccountNotification for more information.

You should have continued, uninterrupted access to RIFT, and we do not anticipate any disruptions to your playing time.

Nevertheless, if you own the RIFT game, you will be granted three (3) days of complimentary RIFT game time once you update your password and security questions.

Additionally, once you update your account and set a new password, your account will be granted a Moneybags’ Purse, which increases your looted coin by 10%, even if you have not yet purchased RIFT.

Please log in to https://rift.trionworlds.com (and we recommend that you copy and paste this link into your browser to access the site) to update your password, security questions and Authenticator.

We apologize for any inconvenience this may have caused you. If you have further questions, please visit our website, www.trionworlds.com/AccountNotificationFAQ.

– The Trion Worlds Team

t’s not the first time that RIM’s security measures have caused a bit of an inferiority complex , but the Indonesian government now is threatening to ban BIS and BBM services within the nation if it doesn’t get its way. Partially, it seems that Indonesian officials are upset that Research in Motion will be building its new data centers in Singapore, rather than in the homeland. Additionally, as is, the government is unable to monitor these communications, which it sees as a security risk. As you likely know, all data is currently processed in RIM’s Canadian facilities. Heru Sutadi, a member of the Indonesian Telecommunication Regulation Body, had the following to say: “With the condition as it is now, we warn that the country’s users to be cautious about using BlackBerry because the data exchanged is not safe or cannot be guaranteed of its safety.” Sounds creepy, right? We always feel safer when knowing the government is monitoring our messages, too.

Source: datacenterknowledge.com

Google (GOOG) said on Thursday that it is spending $300 million on a data center in Hong Kong. This will be Google’s first company-built data center in the Asia-Pacific region.

In late September of this year Google announced a major expansion of its infrastructure in Asia with an investment of $100 million to build new data centers in Singapore, Taiwan and Hong Kong. The announcement for the Hong Kong data center came as Google held a groundbreaking ceremony for the 2.7 hectare site of the planned facility. The $300 million investment encompasses land, construction and technical equipment. It will be located in the Tseung Kwan O Industrial Estate in Kowloon. Google expects to hire 25 full-time staff.

Despite the political challenges in Southeast Asia, Google says it is seeing significant growth and locating these data centers in Singapore, Taiwan and Hong Kong is an important next stage for the company’s investment in the region.

“We’re working as quickly as we can to get this facility operational so we can keep up with rapid growth in capacity demand across the region,” said Simon Chang, head of Google’s hardware operations in Asia. “Currently, we are targeting early 2013 to start bringing the facility online.”

Google has been developing plans and scouting locaitons for building data centers in Asia for some time now , as it has been talking with various government officials and buying undersea cable infrastructure.

“Valve has revealed that hackers have gained access to the Steam database and have pulled a variety of information. A statement from Gabe Newell reads in part: ‘Dear Steam Users and Steam Forum Users, Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums. We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating. We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.”

This howto shows how to install Windows 7 over the top of a linux install. THIS WILL WIPE EVERYTHING ON THE DRIVE.

1) Make sure your bios is set to boot from the CDRom first.

2) Press any key to boot from cd when asked during the start up.

3) select your Language, Time and Keyboard settings and click next.

4) Click the Install now button.

5) Accept the license terms and click next. (you can even read them if you really want to)

6) Click Custom (advanced)

7) Click drive options (advanced)

click the parttions 1 by one and click delete. confirming when asked.

9) once all are deleted click on Unallocated space and click new.

10) press Apply with the space you want to use. default is all space.

11) now you can click on your Partition and click next.

12) your done. Windows will now start to install.

Save the following script in your libexec folder in nagios

<?php

$fp = fsockopen("isc.sans.org", 80, $errno, $errstr, 30);

if (!$fp) {

echo "Infocon Security Status: $data"; exit(3);

} else {

$out = "GET /infocon.txt HTTP/1.1\r\n";

$out .= "Host: isc.sans.org\r\n";

$out .= "Connection: Close\r\n\r\n";

fwrite($fp, $out);

while (!feof($fp)) {

$data = fgets($fp, 128);

}

fclose($fp);

}

if ($data == "green") { echo "Infocon Security Status: $data"; exit(0); }

if ($data == "yellow") { echo "Infocon Security Status: $data"; exit(1); }

if ($data == "orange") { echo "Infocon Security Status: $data"; exit(2); }

if ($data == "red") { echo "Infocon Security Status: $data"; exit(2); }

?>

Then add the following to your commands.cfg

define command{
command_name    check_sans
command_line    php $USER1$/check_sans.php
}

you can then add the command to your nagios. if the current status is green then nagios will report OK. If its yellow it will report Warning and if Orange or Red nagios will report Critical.

We have dropped 4 of out servers that were being used for backup and testing. This was due to the servers being unstable and the hosts being untrustworthy. If anyone every look sat servers from w2servers I advice against it.

This has taken the Zlin, london1, London2 and USA1 offline.
We have replaced the USA1 server with USA2 server in the same data center but durectly from FDCServers this time.

Some of our services will be offline for the next 2-3 days due to building work.

This will not effect most services. Some of my own databases will be offline so ou may see some problems with some parts of ukinternetreport.co.uk.

This downtime will also effect our internal network including out phone systems and monitoring system.

If you have any problems please email me direct at downtime@aj-services.com

Thanks to http://www.safety1st-hep.co.uk/ for helping to limit the downtime on the servers.

We are currently in the process of setting up a new server in Zlin (Czech Republic).

This server is not online yet but will be in the next few days.