90k US military email accounts posted to BitTorrent

By

Hackers 'invoice' for security audit.

Hackers have stolen 90,000 usernames and encrypted passwords of US military personnel along with data on defence agency projects from defence contractor Booze Allen Hamilton.

90k US military email accounts posted to BitTorrent

The attack, dubbed “Military Meltdown Monday", included what appeared to be logins from US Air Force, Marine Corps, Homeland Security, and military personnel within the US Central Command (Centcom), special operations unit (Socom).

The data, including a SQL dump, is now circulating over BitTorrent.

Hacker identity Sabu said in a tweet that it was first of “two of the biggest releases for Anonymous in the last 4 years".

The group said it broke into a server that had “basically had no security measures in place” from where it ran a shell and “began plundering some booty”.

It said most of the 90,000 email account passwords were encrypted with Base64.

Booz Allen Hamilton said in a tweet that in line with “security policy, we generally do not comment on specific threats or actions taken against our systems”.

In a wryly message included with the data dump, the hacker group ‘invoiced’ the company for ‘auditing’ its security.

The attack is one of the largest in a string launched under the auspices of the Anti Security movement.

Details of a FBI identity project dubbed Special Identities Modernisation (SIM) were allegedly revealed after hackers broke into the servers of US engineering contractor IRC Federal on Friday.

Hackers said that project was a system to "reduce terrorist and criminal activity by protecting all records associated with trusted individuals and revealing the identities of those individuals who may pose serious risk to the United States and its allies".

“We also found fingerprinting contracts for the [Department of Justice], biometrics development for the military, and strategy contracts for the National Nuclear Security Administration.”

Hackers have stolen 90,000 usernames and encrypted passwords of US military personnel and defence agency projects through an attack on defence contractor Booze Allen Hamilton.

The attack, dubbed “Military Meltdown Monday, included logins from US Air Force, Marine Corps, Homeland Security, and military personnel within the US Central Command (Centcom), special operations unit (Socom).

The data, including a SQL dump, is now circulating over BitTorrent.

The group said it broke into a server that had “basically had no security measures in place” from where it ran a shell and “began plundering some booty”.

It said most of the 90,000 email account passwords were encrypted with Base64.

Booze Allen Hamilton said in a tweet that in line with “security policy, we generally do not comment on specific threats or actions taken against our systems”.

In a wryly message included with the data dump, the hacker group ‘invoiced’ the company for ‘auditing’ its security.

The attack is one of the largest in a string launched under the auspices of the Anti Security movement. Details of a FBI identity project dubbed Special Identities Modernisation (SIM) were allegedly revealed after hackers broke into the servers of US engineering contractor IRC Federal on Friday.

Hackers said that project was a system to "reduce terrorist and criminal activity by protecting all records associated with trusted individuals and revealing the identities of those individuals who may pose serious risk to the United States and its allies".

“We also found fingerprinting contracts for the [Department of Justice], biometrics development for the military, and strategy contracts for the National Nuclear Security Administration.”

 

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident

Log In

  |  Forgot your password?