Reborn LulzSec claims hack of dating site for military personnel
An announcement posted by hackers on Pastebin links to what it says are details of 163,792 MilitarySingles.com users
IDG News Service - A group of hackers claiming to be the reborn Lulz Security (LulzSec) took credit for an alleged compromise of MilitarySingles.com, a dating website for military personnel, and the leak of over 160,000 account details from its database.
The group announced the MilitarySingles.com hack on Twitter and Pastebin on Sunday, using the name "LulzSec Reborn" and ASCII art previously associated with LulzSec, the hacker group that apparently disbanded and merged with the Anonymous hacktivist collective last year.
The Pastebin post included links to RAR archives hosted on public file sharing websites that allegedly contain the names, usernames, e-mail addresses, IP addresses, and passwords of 163,792 MilitarySingles.com users. "There are emails such as @us.army.mil ; @carney.navy.mil ; @greatlakes.cnet.navy.mil ; @microsoft.com ; etc.," the group wrote.
Someone claiming to be the administrator of MilitarySingles.com posted a comment on databreaches.net after the site reported on the breach, saying that there is no evidence of a compromise.
The comment also suggested that ESingles, the company which runs the dating website, is nevertheless investigating the claims and taking the necessary security precautions.
The message annoyed members of "LulzSec Reborn" who, in response, called the administrator "stupid" and uploaded a "hacked by" page to the website in order to prove that they have access to it.
ESingles didn't immediately return a request for comment.
The directory in which the rogue page was uploaded is unprotected and appears to contain internal files associated with the site's content management software. If the credentials used for the database connection are available in one of those files, it would make stealing the user information fairly easy.
The original LulzSec hacker group took credit for many high-profile attacks during the spring of 2011. The FBI and other law enforcement agencies worldwide have since arrested several individuals believed to have been associated with the group. At the beginning of March it was revealed in official court records that LulzSec's alleged leader, a hacker known online as Sabu, has been working as a cooperating witness with the FBI since August 2011.
The rebirth of LulzSec seems to be the hacktivist community's response to Sabu's perceived betrayal of their cause and the arrests that resulted from his cooperation with the authorities. The LulzSec Reborn Twitter account was created on March 9 and was accompanied by videos posted on YouTube announcing the group's return on the hacking scene.
This isn't the only hack that Lulsec Reborn has claimed: On Monday, the group said it had compromised csscorp.com, the website of a San Jose-based information and communication technology company called CSS Corp.
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts