Day: December 27, 2022

U.S. Virgin Islands sues JPMorgan Chase…..

…accusing the bank of helping Jeffrey Epstein sex-traffic minors at his villa by ‘knowingly providing and pulling the levers through which recruiters and victims were paid’

  • A new lawsuit accuses Chase bank of ‘turning a blind eye’ to Epstein’s crimes 
  • The complaint was filed Wednesday in Manhattan District Court by the US Virgin Islands Attorney General’s office
  • The suit accuses Epstein of using his home on the islands for his horrific crimes 
  • Epstein, who died in 2019, was a client of JP Morgan Chase for 15 years  
  • The suit alleges that Chase ignored the various red flags surrounding Epstein

A new lawsuit launched by the US Virgin Islands’ attorney general on Wednesday accuses JPMorgan Chase of ‘turning a blind eye’ to the horrific sex crimes committed by Jeffrey Epstein.

In the suit, USVI AG Denise George accuses Chase of ‘knowingly providing and pulling the levers through which recruiters and victims were paid.’ The complaint was filed in Manhattan District Court.

George goes on to allege that Chase ignored the truth surrounding Epstein, such as his 2008 conviction in Florida for procuring a child for prostitution, in order to keep him as a client, reports The New York Times. 

The bank, who have yet to comment on the suit, kept Epstein as a client between 1998 and 2013 before finally cutting ties.

For years, the secretive financier was based out of his his private island, Little St. James in the Virgin Islands. He was found dead in 2019 in his jail cell in Manhattan while awaiting trial on sexual abuse of minors and trafficking charges. The official cause of death was suicide.

The new lawsuit explicitly states that Epstein used his home on Little St. James for his sex crimes. In June, Epstein’s former girlfriend Ghislaine Maxwell was sentenced to 20 years prison for trafficking minors for sex.

Epstein first became a client at Chase in 1998. There have been numerous reports since his death that the bank’s executives sought to keep Epstein on board due to his connections with some of the richest people in the world.

One section of the lawsuit reads: ‘Human trafficking was the principal business of the accounts Epstein maintained at JPMorgan.’

AG George said that the suit was part of an ‘outgoing effort’ to bring accountability to those who helped to facilitate Epstein’s actions.

The complaint goes on to accuse Chase of concealing ‘wire and cash transactions that raised suspicion of a criminal enterprise whose currency was the sexual servitude’ of young girls.

The damages being sought by the US Virgin Islands are unspecified in the lawsuit.

The filing of the suit comes a day after President Joe Biden traveled to the Virgin Islands to enjoy some downtime and warmer weather and to ring in a new year with family.

The president and his wife, first lady Jill Biden, flew from Washington on Tuesday to St. Croix, one of three islands that make up the U.S. territory in the Caribbean.

The Bidens were joined by their daughter Ashley and her husband, Howard Krein, as well as grandchildren Natalie and Hunter, whose father was the president’s late son, Beau.

The LastPass Disclosure of Leaked Password Vaults Is Being Torn Apart By Security Experts

Last week, LastPass announced that attackers stole customer vault data after breaching its cloud storage earlier this year using information stolen during an August 2022 incident. “While the company insists that your login information is still secure, some cybersecurity experts are heavily criticizing its post, saying that it could make people feel more secure than they actually are and pointing out that this is just the latest in a series of incidents that make it hard to trust the password manager,” reports The Verge. Here’s an excerpt from the report: LastPass’ December 22nd statement was “full of omissions, half-truths and outright lies,” reads a blog post from Wladimir Palant, a security researcher known for helping originally develop AdBlock Pro, among other things. Some of his criticisms deal with how the company has framed the incident and how transparent it’s being; he accuses the company of trying to portray the August incident where LastPass says “some source code and technical information were stolen” as a separate breach when he says that in reality the company “failed to contain” the breach. He also highlights LastPass’ admission that the leaked data included “the IP addresses from which customers were accessing the LastPass service,” saying that could let the threat actor “create a complete movement profile” of customers if LastPass was logging every IP address you used with its service.

Another security researcher, Jeremi Gosney, wrote a long post on Mastodon explaining his recommendation to move to another password manager. “LastPass’s claim of ‘zero knowledge’ is a bald-faced lie,” he says, alleging that the company has “about as much knowledge as a password manager can possibly get away with.” LastPass claims its “zero knowledge” architecture keeps users safe because the company never has access to your master password, which is the thing that hackers would need to unlock the stolen vaults. While Gosney doesn’t dispute that particular point, he does say that the phrase is misleading. “I think most people envision their vault as a sort of encrypted database where the entire file is protected, but no — with LastPass, your vault is a plaintext file and only a few select fields are encrypted.”

Palant also notes that the encryption only does you any good if the hackers can’t crack your master password, which is LastPass’ main defense in its post: if you use its defaults for password length and strengthening and haven’t reused it on another site, “it would take millions of years to guess your master password using generally-available password-cracking technology” wrote Karim Toubba, the company’s CEO. “This prepares the ground for blaming the customers,” writes Palant, saying that “LastPass should be aware that passwords will be decrypted for at least some of their customers. And they have a convenient explanation already: these customers clearly didn’t follow their best practices.” However, he also points out that LastPass hasn’t necessarily enforced those standards. Despite the fact that it made 12-character passwords the default in 2018, Palant says, “I can log in with my eight-character password without any warnings or prompts to change it.”