Anonymous dumps hacked AAPT data

By on
Anonymous dumps hacked AAPT data

But nothing sensitive yet revealed in leaks.

Anonymous has dumped four caches of customer information from the 40 GB database it stole after hacking an AAPT server.

The data appears to be heavily redacted. Customer names, phone numbers and addresses have been published along with junk data.

Government agencies including the Department of Defence, Attorney General's and the Australian Federal Police have been listed in the AAPT customer records along with private sector businesses.

Continuing coverage of the AAPT breach

Anonymous said it would redact sensitive customer information from the leaks.The group's representatives would not provide SC with an encrypted sample of the uncensored data to verify what data was exposed.

One spokesman for the loosely knit hacking collective said only that it contained "juicy" information, but did not specify if that included credit card or customer financial data.

A further 3.5 GB of customer data would be released over the coming days, SC was told.

Another Anonymous hacker affiliated with the hack told the ABC that data included "names, agreements, phone records, ip records registrations, contracts, company information, contact persons, company bank accounts".

AAPT confirmed a 12-month-old backup of its business website had been compromised with hackers retrieving two "historic" data files with "limited personal customer information" compromised. The data was suspected to amount to 600,000 records.

But it was understood AAPT was not entirely certain of the contents of the stolen data cache prior to the leak.

Much of the data was uploaded to Pastebin, which has recently cracked down on hacking activity and more quickly removed posts containing stolen data.

The hackers broke into the dedicated server, hosted by Melbourne IT, through a "very old" Adobe Cold Fusion vulnerability that was unpatched on the servers.

Melbourne IT had become aware of the vulnerability after news of defacements made to Queensland Government websites last week.

AAPT data had been stolen and uploaded elsewhere by the time the patch was applied.

The high-profile hacks came in apparent protest to the Federal Government's proposed data retention regime, which would mandate telcos and internet service providers to collect and keep transmission data from users for up to two years.

Anonymous released a statement on the hacks and uploaded a video to YouTube.

AAPT has been contacted for comment.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:
aapt anonymous hacking melbourneit security
In Partnership With

Most Read Articles

Telstra towers over rivals in war for NBN power

Telstra towers over rivals in war for NBN power
Keyboard layout change in iOS annoys users

Keyboard layout change in iOS annoys users
NBN Co to simplify network and IT architecture

NBN Co to simplify network and IT architecture
Telstra frets network breakage, trust breaches from decryption laws

Telstra frets network breakage, trust breaches from decryption laws
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

How to choose a trusted IT provider
How to choose a trusted IT provider
Why Business Process Modelling Matters
Why Business Process Modelling Matters
Report: ANZ IT Decision Makers - Top Priorities for Endpoint Security 2018
Report: ANZ IT Decision Makers - Top Priorities for Endpoint Security 2018
Managed Security Service Providers for Dummies
Managed Security Service Providers for Dummies
The Cost of Cloud Expertise report
The Cost of Cloud Expertise report

Events

Log In

Username / Email:
Password:
  |  Forgot your password?