BreachExchange mailing list archives
Argentinian Government Site Suffers Major Breach, Personal Information Exposed
From: Inga Goddijn <inga () riskbasedsecurity com>
Date: Wed, 7 Dec 2016 17:04:55 -0600
http://news.softpedia.com/news/argentinian-government-site-suffers-major-breach-personal-information-exposed-510780.shtml *The official website of the Argentinian Ministry of Industry (Ministerio de Produccion) suffered a major breach that exposed not only private * *documents,** but also personal information and contact details of a big number of individuals.* The website, produccion.gob.ar, was hacked by Kapustkiy and Kasimierz L. who managed to breach it after getting access to an administrator account. Softpedia was provided with evidence that access to the admin panel was indeed obtained, which in its turn offered access to personal information of employees and documents belonging to the ministry which weren’t otherwise supposed to be exposed. We can confirm that details such as names, home addresses, emails, Facebook and Twitter accounts, and phone numbers were accessed as part of the breach and Kapustkiy told us that he estimates that approximately 18,000 accounts were exposed. What’s important to note, however, is that Kapustkiy doesn’t plan to leak the information, so although so many details were accessed following the hack, individuals whose details were included in these databases are fully secure. The ministry has already been contacted and informed about the breach, but no response has been offered by the time this article was published. Shockingly easy-to-guess password As far as the method of breaching is concerned, Kapustkiy said that they didn’t use a typical SQL injection, but a different approach which he refused to disclose. We were, however, provided with a look at the administrator account and we can confirm that the used password is shockingly easy to guess – we can’t disclose any details on this for obvious reasons. But given the fact that it’s the official website of a ministry, it’s worrying to say the least that administrator accounts are protected with so weak passwords, especially when taking into account that they include databases with personal information of so many people. For the moment, the website is still up and running, but expect IT admins to take down in the coming days when they acknowledge the breach. Kapustkiy said he was able to download all files they had on their servers after accessing the admin panel, so it’s very clear that site admins need to deal with this as soon as possible.
_______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Argentinian Government Site Suffers Major Breach, Personal Information Exposed Inga Goddijn (Dec 08)