Hacker raids Aunty, dumps 44,560 email addresses

Powered by SC Magazine
 

Old website confirmed hacked.

Updated: An attacker has hacked into an ABC website and dumped almost 45,000 user email addresses and hashed passwords following a broadcast of an interview with radical Dutch politician Geert Wilders.

The ABC confirmed the attack which targeted the outsourced website of 2010 program "Making Australia Happy" and exposed registered users.

Spokeswoman Sally Cray said the ABC will contact the 45,000 affected users.

"As soon as the ABC was made aware of this activity the site was shut down," Cray said.

"This breach originated at an overseas location and an activist has claimed responsibility for it.

"The ABC will be in contact with audience members who have been directly affected."

Disused websites become easy targets for hackers when adminstrators no longer maintain them and apply patches. Such micro-sites should be taken down after use or kept updated.

Random checks against user identities listed within the 10 page online database dump returned legitimate matches.

Passwords are vulnerable. While not in clear text, the details are unsalted and encrypted with SHA-1. Online services can easily reveal some passwords.

The hacker claiming responsibility said the attack was in response to an interview broadcast on the ABC's Lateline program with the right-wing Wilders. The attacker claimed the ABC gave Wilders "a platform to spread hate".

Updated with a statement from the ABC.

Copyright © SC Magazine, Australia


Hacker raids Aunty, dumps 44,560 email addresses
 
 
 
Top Stories
Rio Tinto's big data play delivers promised ore
Returns trickle in from long-term technology investment.
 
Time management tips for CIOs
[Blog post] How to get to the genba.
 
Making a case for collaboration
[Blog post] Tap into your company’s people power.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  69%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  10%
 
Denial of service attacks
  6%
 
Insider threats
  11%
TOTAL VOTES: 1117

Vote