P2013-ND-15

On October 23, 2012, the Organization learned an online technology blog was reporting that a hacking group claimed to have attacked one of the Organization?s databases. The blog post reproduced Twitter posts made by the hacking group. The Twitter posts stated that the Organization?s databases had been ?attacked & hacked? and included a hyperlink to a website where users post computer-related code. A post by the hacking group on this website claimed to have accessed an Organization database and included administrator account user IDs and hashed passwords associated with one of the Organization?s websites. It stated that ?more than 37,000 users are at risk due to this attack.?

On October 26, 2012, the Organization became aware of a Twitter post by another hacking group claiming to have attacked and hacked an Organization blog website. The Twitter post included a hyperlink to the same computer coding website as referenced above. A post by the hacking group on the website included administrator user IDs and plain text passwords for a number of blogs on an Organization website. Both postings on the computer coding website were removed on October 27, 2012. The Organization investigated the incidents. Audit log files showed unauthorized access to an Organization server hosted by an external service provider and located in California, USA, on October 23, 24 and 25, 2012.

File Type: pdf
File Size: 144 KB
Categories: 2013