Almost 250,000 user details of popular Nigerian youth forum Naijaloaded have been exposed after the site was hacked.
A hacker by the name of TheMrX uploaded a shell on the website and accessed its 42mb user database.
The database contained names, usenames, passwords and location information of 243,089 users.
Naijaloaded is a popular African social forum site that includes hacking and software tutorials, and discussion on music, movies and business.
The hackers said they would not publish the database, seen by SC Magazine, but said the US HostGator webserver that hosted Naijaloaded contained 79 other domains that may be vulnerable.
"It is running one of the newest 2011 kernals, so most public exploits are outdated yet, it may still be possible to get in," a member of the Team Infra hacking group said.
The hacker also showed two invoice databases with customer email exchanges and sales data purportedly held by hosting providers urhostz.com and betarack.com.
The group said the data was obtained through a local file inclusion exploit in the WHMCS client management and billing system.
.png&h=140&w=231&c=1&s=0)
_page-0001.jpg&w=100&c=1&s=0)
.png&w=120&c=1&s=0)
Tech in Gov 2025
Forrester's Technology & Innovation Summit APAC 2025
Local Government Focus Day Western Australia
Digital Leadership Day Western Australia
Government Cyber Security Showcase Western Australia
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
