New Hack Dumps Comcast, AT&T Data on Pastebin, Kicks Off WikiBoatWednesday
A group of hackers posted on Wednesday, June 27, data that seems to disclose names, ages, and salaries of Comcast employees, as well as emails and passwords associated with AT&T VoIP service accounts.
The hackers proclaimed the start of "#WikiBoatWednesday...when all the members from @TheWikiBoat fight corruption, leak data, and bring down websites," releasing the hacked data in two different posts to the Pastebin Web site, a popular venue for hackers. One of the Twitter handles the hacker group used is @AnonymousWiki. It is unclear, however, what is the connection to the larger, decentralized group infamously known as "Anonymous."
"The first part is (Comcast) Employee names, ages and salaries. And the second part, is information logged from 'Facebook Quizzes,'" reads one of the Pastebin messages. "Quite odd that they'd be storing your information from facebook in THEIR database hm? Anyways, I believe the format for the Facebook Quizzes is something like: Quiz-ID | User ID | Password | And some more info after that. So enjoy ;)."
"Hello everyone. In this dump for #WikiBoatWednesday, I got into an AT&T Database," reads the other Pastebin message. "The database is from a pretty old subdomain, but it has some decent information in the accounts. So I hope you guys enjoy." This message also included a link to a login page for AT&T VOIP service accounts.
As usual with such data dumps, it is not clear at the moment whether the data actually is what the hackers claim it is. It is also unknown at this point whether the data is current, who stole it, and how. Twitter account @GdVries noted the Facebook-related data from the Comcast dump was the same as the data on an entirely separate Web page. One of the hackers claiming credit for the data dump, Twitter user @Zer0Pwn, said this is not true. "No, I hacked it using POST MsSQL Injection," @Zer0Pwn tweeted in response to @GdVries' tweet.
Various hackers associated with Anonymous, LulzSec, and now WikiBoat have stepped up their cyber attacks on corporate and government sites over the past year, aiming to expose and ridicule their targets and raise awareness for their causes such as anti-censorship and WikiLeaks whistleblower activism. Recent arrests of LulzSec members who eventually pleaded guilty seem to have little impact on the hackers' agenda.
Meanwhile, companies come under fire each time hackers get a hold of their customer data. On Tuesday, June 26, the Federal Trade Commission (FTC) sued the Windham hotel chain for failing to provide proper protection for customer credit cards, after criminals stole credit card numbers and used them in fraudulent transactions. Earlier this month, news surfaced that hackers had shared and cracked encrypted passwords stolen from LinkedIn, Last.fm, and eHarmony. LinkedIn already faces a $5 million lawsuit over the lost passwords.