Menu
Hacktivist group possibly compromised hundreds of websites

Hacktivist group possibly compromised hundreds of websites

A group called Team GhostShell has published data from hundreds of website databases it claims to have hacked

Login for security

Login for security

A hacker group known as Team GhostShell is publishing snippets of sensitive data allegedly stolen from the databases of hundreds of compromised websites.

The group, which previously targeted government organizations, law enforcement agencies and companies from various industries in 2012, announced in March 2013 that it was halting its activities.

In a surprise return Monday the group started posting on Twitter the names of websites it claims to have hacked as part of a new campaign, along with links to samples of data extracted from their databases.

So far the group has published the names of over 450 websites, but claims that it has hacked many more. The alleged victims range from companies to education institutions and government organizations from different countries.

Based on its Twitter messages so far, the group's goal is to demonstrate "how truly deplorable cybersecurity has become" and that Internet security has not improved despite a flood of security technologies and products in recent years.

The group published only partial information from the databases that it claims to have compromised, because it wants "to prove that they have indeed been infiltrated and to raise awareness."

Even so, the data leaked so far likely affects thousands of individuals because it including emails, user names, addresses, phone numbers, Skype names, dates of birth, and other personally identifiable information. There are also plain text and hashed passwords, depending on how the affected websites stored them.

"From first appearances, the recently released list of hacked websites seems to be random and there is no indication that any particular country or sector is being targeted," researchers from Symantec said in a blog post. "The group is more than likely hacking websites that are vulnerable. In keeping with its previous modus operandi, it is likely that the group compromised the databases by way of SQL injection attacks and poorly configured PHP scripts; however, this has not been confirmed."


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags intrusionsymantecsecuritydata breachprivacy

Featured

Slideshows

Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP honoured leading partners across the channel at the Partner Awards 2017 in New Zealand, recognising excellence across the entire print and personal systems portfolio.

Meet the top performing HP partners in NZ
Tech industry comes together as Lexel celebrates turning 30

Tech industry comes together as Lexel celebrates turning 30

Leading figures within the technology industry across New Zealand came together to celebrate 30 years of success for Lexel Systems, at a milestone birthday occasion at St Matthews in the City.​

Tech industry comes together as Lexel celebrates turning 30
HP re-imagines education through Auckland event launch

HP re-imagines education through Auckland event launch

HP New Zealand held an inaugural Evolve Education event at Aotea Centre in Auckland, welcoming over 70 principals, teachers and education experts to explore ways of shaping and enhancing learning using technology.

HP re-imagines education through Auckland event launch
Show Comments