A Hacker with a handle "KillCode" has contacted us with a link to dump. It contains the data compromised from the subdomain 'IT Service Desk' of the National Institutes of Health website.(itservicedesk.nih.gov)
The leak contains 5208 account details that includes email address, login name, and encrypted password. The leak also contains some database name and table name details.
At the time of press time, the hacked site is down. It seems like the admin of the site is fixing the security flaw.
The hacker also discovered XSS Vulnerability in few high profile sites which includes Federal Aviation Authority (faa.gov) site, United States Air Force (airforce.com).
The proof of concept for the XSS Vulnerability can be found here: