22k records stolen in Australian Defence Force Academy hack

By

Database hit by SQL Injection

Some 22,300 purported student records held by the Australian Defence Force Academy were stolen and published online last month.

22k records stolen in Australian Defence Force Academy hack

The details were still accessible via the public internet on an Anonymous-controlled public clipboard.

Records contained a mix of date of birth information, clear-text passwords and student identity numbers and ranks.

The University of Canberra in which the ADFA resides had warned students of possible phishing attacks but said the compromised passwords were mostly redundant, SMH reported.

Stolen records were obtained via a basic SQL Injection attack against what appeared to be an older database management system.

SQL Injection was the most prevalent security hole and has maintained its infamous number one spot in the OWASP Top Ten security priority list. 

The hacker using the alias Darwinaire had made a series of recent public hacks and disclosures, including dumping 600 Amazon UK user records online.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

SA Water plans 'once-in-a-generation' core technology uplift

SA Water plans 'once-in-a-generation' core technology uplift

Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks

WhatsApp banned on US House of Representatives devices

WhatsApp banned on US House of Representatives devices

Victoria's first government tech chief steps down

Victoria's first government tech chief steps down

Log In

  |  Forgot your password?