The group known as "Lulz Security" dumped more than 62,000 personal
details on Twitter yesterday, inviting people to try the passwords on
everything from bank accounts to online stores.
It is claimed the passwords were downloaded 2100 times in the first 4
minutes after release.
Twitter was soon flooded with claims from individuals who said they
had used the passwords to gain illicit access to Facebook and PayPal
accounts.
"I chatted with some girl's boyfriend (on Facebook) and told him that
I would never **** him again.
He said "no problem, I understand " wtf" - Twitter user @Pedacitodepan
Lulz: 'Boys with fake girlfriends'
"Cheers for the paypal account with £250 in it! ;)" - Twitter user @Murraaayyy
"Ordered a large pack of condoms for an elderly woman on Amazon" -
Twitter user @RDisher
Emails and passwords of University of Queensland students and a high
school student in central Queensland were also published along with
logins at seven other Australian universities.
Lulz Security took credit for crashing the CIA website for several
hours on Thursday and have also reportedly attacked Sony, Nintendo,
the US Senate, the US Public Broadcasting System and Infraguard, a
private company that works with the FBI.
The hackers said the attacks were "just for kicks" and that the
passwords in the recent leak were "a random assortment from a
collection".
"So don't ask which site they're from or how old they are because we
have no idea," the group said.
"Releasing 62,000 possible account combinations is the loot for
creative minds to scour; think of it like digging a very unique
mineshaft."
James Cook University and Griffith University logins were also
compromised but it is not clear if they were for students or faculty.
Representatives for both universities said there had been no intrusion
of their servers, while UQ's director of IT services Rob Moffatt said
none of the university's email addresses were breached.
Only one of the UQ addresses was still live and the password was
incorrect, he said.
"We have investigated these claims and have ascertained that the group
involved has not breached any active university accounts," Mr Moffatt
said.
"UQ staff and students should not be concerned about the integrity of
their university accounts.
"UQ takes these issues very seriously and will continue to monitor
developments."
Queensland police said they were monitoring the situation.
Fraud Squad Detective Superintendent Brian Hay said the hackers had
"delusions" they were helping people by exposing security flaws.
"They think they're clever and laughing now but they're taking on
organisations like the CIA and the FBI.The most cyber attacks on
Australians was reported last year and this year was set to be worse"
"Queenslanders should regularly change their passwords to their online log ins.
"You almost have to operate with the expectation that you will be compromised," Hay said.
"You almost have to operate with the expectation that you will be compromised," Hay said.
No comments:
Post a Comment