Modernizing Authentication — What It Takes to Transform Secure Access
The Killeen Daily Herald reports that unidentified hackers breached the phone system for Texas' Bell County from November 30, 2013 to December 2, 2013 and placed a series of international calls, hitting the county with more than $27,000 in charges in a single day (h/t Softpedia).
"I have staff members who've been here 35 years and they've never seen anything like this," County Auditor Donna Eaking told the Herald.
On November 30, 2013, the hackers leveraged a weak four-digit password on a phone extension in the county's Road and Bridge Department that gave them access to the phone's automated menu system and enabled them to route thousands of international calls to Grenada through Bell County's switchboard.
AT&T alerted Bell County to the surge in activity on December 2, 2013. "We immediately asked AT&T to disable our international call capability upon learning about the issue and continue to monitor for unusual activity," Jim Chandler, director of the county's Technology Services Department, told the Herald.https://l1.cdn.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
Still, that wasn't enough to fully disable the attack -- KWTX reports that AT&T detected another intrusion on December 13, 2013.