Search This Blog

Powered by Blogger.

Blog Archive

Labels

University of New Brunswick site breached by Team Dig7tal hackers

Team Dig7tal hackers collective break into the University of New Brunswick by exploiting the SQL Injection vulnerability and compromised the database.

Hackers leaked the part of stolen data. The leaked information the hacker is referring to consists of 234 database names, 68 table names from the budget_management database, and 96 records from the employers table. From the user table, the hacker leaked 159 password hashes and usernames.

The dump also contains some sensitive information, including the administrator’s username and password (in clear text), and 202 employer entries comprising email addresses, IDs, names, passwords and websites.

Also,Hackers have send emails to the University's staff to notify them about the breach.

“I did not take nor did I leak any of the student’s sensitive information. However, your site is terribly vulnerabile and I suggest you patch it ADMIN. It’s your damn job! Information leaked is only to demonstrate how pathetic your security is,” Th1nkT0k3n said in the email he sent to the university.

“Also, I hope you have a great Monday Admin! Students and their parents give their hard earned money to this University and they should not have to worry about their sensitive information being leaked! Person in charge of your IT should be let go,” he added.

Share it:

Database Leaked

Team Dig7tal