Sun admits data stolen amid fresh hack claims

Posted on 2 Aug 2011 at 09:32

UPDATE: Personal details of thousands of Sun readers have been posted online following a potentially previously undisclosed hack attack on News International.

The paper's parent company sent out warning letters to readers explaining that compromised information could have been posted online, but it remains unclear when the data was harvested.

Initial reports suggested the details were stolen at the same time as a July 19 intrusion, when hackers broke into the site posting false stories about the death of News Corp CEO Rupert Murdoch.

However, the hacker claiming responsibility for the posting – under the Twitter name of Batteye – said the details posted online came from a completely separate attack.

"Oh, the Sun haven't a clue," he tweeted. "I got my goodies before the 19th!"

News International has admitted the problem, but believed the data was stolen in the July break-in.

"Some customer information from polls and competitions was breached as part of the attack," the letter from News International director of customer data Chris Duncan said.

Read more: Sun admits data stolen amid fresh hack claims

News

PC Pro http://www.pcpro.co.uk/news/369052/sun-admits-data-stolen-amid-fresh-hack-claims#ixzz1VKX8gwO8

"Details vary, but could include name, address, date of birth email and phone numbers – no financial or password information was compromised."

The hacker showed off his exploits by posting samples of lists, including entrants for a Monarch competition, a Wrigleys football quiz, Xbox users and details of Scottish students.

Batteye, who claims no allegiance to either the Anonymous or LulzSec hacker groups, went on to attack the poor security and the phone hacking saga at News International, claiming that he would continue to expose poor security until the organisation improved its defences.

“Mankind makes mistakes… and learns from them,” he wrote in a Pastebin post. “Some people, however, do not learn. Until these people are pruned by natural selection, incarceration, or otherwise, then mankind will not develop."

"We will remain prey to the 'malicious' type of hacker that steals credit card information, or deletes voicemail messages and pushing the victims family to grieve more for their loved ones,” the hacker added.

The Sun has yet to explain why it has taken nearly two weeks to warn customers that data had been lost, and it is unclear whether the email was sent out before or after the details were posted online.

Read more: Sun admits data stolen amid fresh hack claims

News

PC Pro http://www.pcpro.co.uk/news/369052/sun-admits-data-stolen-amid-fresh-hack-claims#ixzz1VKXE0BzY

For more information on this article, CISSP Certification & Training, Security+ Certification & Training, & online security training visit Security University

Related Articles - Q/ISP, CEH, CEH7, DoD 8570, CISA, CISM, IAT, QISP, CND, QSA, QPTL, QEH, QEP, QFE, ECSA, CHFI, QWAD, CND, CNSS, ISC2, CISSP, CWNA, CWSP, SSCP, ITIL, CC,

Email this Article to a Friend! Receive Articles like this one direct to your email box! Subscribe for free today!