Anonymous Attacks US State Department Careers Website: Analysis - WRCBtv.com | Chattanooga News, Weather & Sports

Anonymous Attacks US State Department Careers Website: Analysis

Information contained on this page is provided by companies via press release distributed through PR Newswire, an independent third-party content provider. PR Newswire, WorldNow and this Station make no warranties or representations in connection therewith.

SOURCE Identity Finder LLC

WASHINGTON, Feb. 22, 2013 /PRNewswire/ -- Identity Finder has analyzed a hack by the Anonymous hacker "Par:Anoia," claiming to have attacked a website belonging to the U.S. Department of State. Our preliminary analysis indicates that the hack appears to be legitimate, affecting roughly 200 people, and relatively low-risk.

Identity Finder's analysis indicates that the hack contains the following information:

  • 199 Email Addresses, most of which belonged to state.gov, and a few universities
  • About 207 Possible Hashed Passwords. The seemingly hashed strings were unidentified
  • Zero Home Addresses
  • 194 names

The breached database is named "test_hrwg_careers_usa_ctc_com," which seems to be related to http://careers.hrwg-careers.usa-ctc.com/, which has been taken offline. A cached version indicates that it is a State Department career website, and not likely tied into sensitive State Department systems. The attack appears to be a SQL Injection attack, where a hacker tricks a website into exposing the entire contents of a database.

"This appears to be a legitimate breach," said Aaron Titus, Chief Privacy Officer at Identity Finder. "Although the total risks associated with this breach appear low, if the hashes in the breach are actually passwords, and they are cracked, and the state department employees re-use those passwords on sensitive State Department systems, those systems could be compromised."

"We recommend that the State Department reset the passwords for all affected employees as a precaution," said Titus.

About

Identity Finder's data discovery and protection software provides companies the ability to prevent data leakage and find sensitive information. They have quickly grown to become a leader in identity protection and Data Loss Prevention (DLP) by helping millions of consumers, small businesses, and enterprises across the world. You may download the free version of Identity Finder DLP Software here: http://identityfinder.com/free

©2012 PR Newswire. All Rights Reserved.

Powered by WorldNow
All content © Copyright 2000 - 2013 WorldNow and WRCB. All Rights Reserved. For more information on this site, please read our Privacy Policy and Terms of Service. For information regarding WRCB Jobs/EEO please click here.