Friday, August 31, 2012

1 MILLION accounts leaked in megahack on banks, websites

A cache of over one MILLION user account records was leaked by hacker collective Team GhostShell in a huge data dump over the weekend.

Image source: Imperva
Targeting banks, consulting firms, government agencies, and manufacturing firms, the team extracted usernames, passwords, credit histories, and other files and documents from 100 different websites. Much of the data was pulled from the targets' databases and content management systems, some of which contained more than 30,000 records each.

Imperva analysis indicates that the breaches were executed mostly using the SQLmap tool, a common SQL injection method used by hackers.

The importance of staying on top of your CU's security system and closing up vulnerabilities can't be stressed enough. Get more info about the megahack here.

No comments: