BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Breach at Macquarie Uni, hackers claim 1 million plain text passwords exposed

From: security curmudgeon <jericho () attrition org>
Date: Tue, 4 Dec 2012 12:02:08 -0600 (CST)


---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.zdnet.com/au/breach-at-macquarie-uni-hackers-claim-1-million-plain-text-passwords-exposed-7000008199/

By Michael Lee
ZDNet Australia
December 3, 2012

Macquarie University has had one of its sites breached and defaced over 
the weekend in an apparent show to demonstrate that its servers' security 
are not being maintained to a sufficient standard.

On Friday, one of Macquarie University's web applications, designed to 
assist international students in applying to study, was breached and 
defaced by two hackers going by the names of "JuliaDaRanga1000" and 
"AbbotttheFaggot2000." The defacement makes a number of disparaging 
remarks about the university's security, mocking what they call a complete 
lack of security.

"Macquarie University, let me ask you this, who the f*** do you hire for 
security? Oh, wait, there is none," the two hackers wrote on the site.

"When your administration panel is accessible publicly, what do you think 
will happen? Once again, as I said, anyone could have done it. It just 
took some investigating. Don't dub me as an elite hacker, because I simply 
am not.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.
Previous By Date Next
Previous By Thread Next

Current thread: