Hackers from r00tW0rm and inj3ct0r hacked into the websites belong to NASA and US census Bureau using the SQL Injection vulnerability.
Hackers exploited the SQL Injection vulnerability in one of sub domain of NASA(nasa.gov) and obtained a 6GB data from the database. The obtained data contains the information such as usernames, email id, passwords and other data.
"Complete Database is in GB's, well we aren't leaking it. We may Keep all parts in our private home! Yet only little bit dump or few columns data is released just to inform NASA that being National Aeronautics and Space Administration you must also keep your Servers up to date! 'F*** your security team, what are they being paid for ?' " Hackers said.
They notified about the vulnerability to NASA but there is no response from their side.
Hackers also obtained the data from the US Census Bureau database but exposed a sample of the data in pastebin, includes table name and columns.