BreachExchange mailing list archives

Anonymous Claims Attack on IP Surveillance Firm Brickcom, Leaks Customer Data


From: Erica Absetz <erica () riskbasedsecurity com>
Date: Thu, 11 Jul 2013 09:54:41 -0500

https://www.securityweek.com/anonymous-claims-attack-ip-surveillance-firm-brickcom-leaks-customer-data?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

Brickcom Corporation, an IP surveillance company headquartered in
Taiwan with offices in Dallas, Texas, has suffered an alleged data
breach at the hands of Anonymous supporters, who claim to have leaked
a customer database.

Brickcom has gained granular notoriety in the surveillance space due
to their affordable high-resolution (high mega-pixel) equipment, which
is used by corporations and law enforcement. Primarily, their core
business is in Asia, but they have partnerships in Europe and the
U.K., and are making inroads stateside as well.

In a statement accompanying the alleged leak, Anonymous accuses the
company of hubris for statements made in their marketing materials,
and said the firm was targeted “solely for the greater glory of
Anonymous, the battle for anonymity and against indiscriminate state
and corporate surveillance of the public.”

“This leak is a dedication to those who have given up their liberty
for the ideals of free speech, and a surveillance free internet. This
leak is also dedicated to those who continue to risk their freedom and
refuse to be paralyzed by the ever rising levels of paranoia we all
feel as we read the news daily.”

With that said, Anonymous posted 3,400 records, containing what are
claimed to be customer email addresses, names, usernames, and
passwords. Some of the data points to Brickcom staffers and testing
accounts, and a few of the records are clearly spam. However, there are
some that seem to be legit.

The source of the data appears to be the Brickcom registration form.

When asked, the source of the leak would only confirm that there was
an issue with the web server's configuration, and nothing more. "All
data that was present on their webserver has been downloaded," the
source said.

Excluding the possibility of SQL Injection vulnerabilities, a
configuration issue could be anything from open directories and
traversal vulnerabilities, to something more sinister such as Remote
File Inclusion, which enables an attacker to upload shell scripts,
completely compromising the system.

SecurityWeek has been in touch with Brickcom and will update this
story if we get additional information.
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss-discuss
