The xl3gi0n hackers has breached one of the NASA subdomain ( Lunar Science Forum 2010) and compromised the database server. The hackers leaked the stolen data in pastebin.
The leak(pastebin.com/HdFLpEMH) contains the email addresses, plain-text passwords, name of the user. The leak also contains admin details including username, encrypted password.
There are three admin username and password listed in the leak. Hackers managed to crack the two out of three passwords and published the plain-text format of the password.
"This is why i were arrested the first time. hope you come and arrest me again cuz there are some files that will be leaked " Hacker said in the leak.
The hackers breached the database server by exploiting SQL Injection vulnerability. In an Email send to EHN, hacker provided the vulnerable link of the target website. Hacker requested me not to publish the vulnerable link.