BreachExchange mailing list archives
fringe: Programmers accused of hacking 2.3 million IDs
From: security curmudgeon <jericho () attrition org>
Date: Thu, 16 Apr 2009 06:50:49 +0000 (UTC)
[Although the article uses "personal information", the focus is on authentication credentials. It isn't clear the extent of the information compromised on these sites. - jericho] ---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://joongangdaily.joins.com/article/view.asp?aid=2903657 By Park Yu-mi, Kim Mi-ju JoongAng Daily April 16, 2009Two computer programmers were indicted yesterday on charges of hacking into Web sites and obtaining personal data of 2.3 million persons and using part of that information to post spam advertisements on Naver and other Web sites.
According to investigators at the Seoul Central District Prosecutors’ Office, the pair allegedly hacked into more than 100 Web sites from January 2008 until February of this year.
They targeted Web sites for games, florists, real estate agencies and used car dealerships that have vulnerable security systems.
“They developed their own computer program to sort out whether some of the users’ stolen IDs and passwords collected from various Web sites were identical to Naver IDs and passwords,” said Roh Seung-kwon, the prosecutor in charge of the case.
The suspects took advantage of the practice by some Internet users of using the same ID and password to access different Web sites, he added.
[..]
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) CREDANT Technologies, a leader in data security, offers advanced data encryption solutions. Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently across your enterprise to ensure regulatory compliance. http://www.credant.com/stopdataloss
Current thread:
- fringe: Programmers accused of hacking 2.3 million IDs security curmudgeon (Apr 16)