Adult dating site hacked to leak intimate secrets of 4 million users

Hackers have targeted one of the largest online dating sites of the world, Adult Friend Finder to leak personal data of four million users.

The stolen data includes the sexual orientation of the users, their sexual preferences, and might even potentially reveal who are the ones seeking extramarital affairs. The data also includes email addresses, usernames, dates of birth, postal codes and unique internet addresses of users' computers.

The hack is estimated to have affected 4 million users, including users who have requested the site for a deletion of their accounts.The leaked information contain addresses linked to dozens of government and armed services personnel and members of the British Army.

Channel 4 news, who have been actively tracking such incidents of hacking and information release to the Deep web have found a secretive forum in which a hacker nicknamed ROR[RG] posted the details of users of Adult Friend Finder.

Shaun Harper is among those whose details have been published. Harper, who had requested his account to be deleted stated that, "The site seemed OK, but when I got into it I realized it wasn't really for me, I was looking for something longer term. But by that time I'd already given my information. You couldn't get into the site without handing over information. He added, "I thought the information had gone. These sites are meant to be secure."

Mr. Harper has been targeted with a spate of spam emails ever since his information was leaked. Experts are of the opinion that hackers will further sift through the leaked data to zero down on potential blackmailing targets.

FriendFinder Networks Inc, the owner of Adult FriendFinder have already started working with law enforcement to investigate the matter and have assured customers of strong action in case they are affected.

Kelly Brooks personal photos leaked online

US sitcom 'One Big Happy' star Kelly Brooks has become a target of hackers for the second time after a set of 24 nude photos of her were posted online by hackers.

The photos show the actress in various intimate poses in her bedroom. Kelly had fallen victim to a celebrity hacking scandal last year also in which thousands of photos of various celebrities were posted online in one of the biggest scandals of such kind.

Her ex-fiancee David McIntosh also features in the photos. The last time Kelly fell prey to such activity, 34 of her private photos had been posted online.

Prior to all the scandals, Kelly had tweeted, "The only nude photos you'll see of me are the ones that I leak and the ones my head is superimposed on!"

European Cyber Army leaks 60k credentials compromised from Syrian sites


More than 60,000 accounts details have been leaked by a hacker from European cyber army(ECA) going by handle "Zer0Pwn".

The database dump is said to be compromised from two syrian websites : job.sy and realestate.sy.

Hacker posted a sample data in a paste(http://pastebin.com/7Y13ULux) entitled "ECA vs. Assad" along with a link to full database dump.  The dump contains names, email ids, passwords, phone number and other details.

While the passwords compromised from job.sy are encrypted, the passwords from realestate.sy are in plain text format.

Lee J from Cyber War News analyzed the full database dump and reported that database dumps from realestate.sy contain more than 4000 unique login credentials and database dumps from jobs.sy contains more than 50,000 login credentials.

Some other members from ECA has attacked syrianmonster.com and compromised admin's login credential.


Hacker breaches Johns Hopkins University website

 
A hacker claiming to be part of the Anonymous hackers group has breached the Johns Hopkins University website and leaked the data compromised from the database server.

The database server contains information of current and former biomedical engineering students.  The stolen information includes name, phone number and email id of students.

The University says no information such as Social Security numbers and credit card numbers that would make identity theft a concert, is not involved in the breach.

According to the Baltimore Sun, the so-called anonymous hacker attempted to extort the university for further access to its database server, threatening to leak the stolen data unless university handed over the server password.

The breach reportedly occurred in last November, the vulnerability responsible for the breach has been patched.  The University is currently working with FBI and trying to remove the leaked data from online. 

RedHack claimed to have hacked ISP TTNET, Vodafone and Turkcell


The Turkish hacktivist collective RedHack claims to have breached systems of Turkish ISP TTNet(www.ttnet.com.tr), vodafone and leading Turkish mobile operator TurckCell(turkcell.com.tr).

"Customer data of ISP TTNET, mobile operator Vodafone and Turkcell infiltrated and vast amount of data collected from the systems. +"  Hackers announced the hack earlier today.

Hackers claimed to have compromised millions of records from the servers.

"If we are able to reach these info on their systems with our limited resources imagine what can foreign intelligence agency do. These companies have 90% of the population's data on their systems and they can't protect them." Hackers said.

The have dumped(http://justpaste.it/eaml) some of data compromised from TTNet.  The dump only contains the membership details of Ministries, National Intelligence Agency(MIT),and Security Directorate.  Hackers didn't publish the data belong to general public, "as a matter of principle".

The leak contains information such as names, phone numbers, addresses, email IDs and other information.

Hackers said the reason for these breaches is to prove the fact that no one and no system is 100% secure.

"In the coming days we'll continue with those exploiting the country. No public information will be shared. Our people can be at ease." The group said that they will continue the operation.

Bell Canada website hacked with POST-based SQL Injection vulnerability

Few days back, Nullcrew hackers hacked into Bell Canada website and leaked thousands of customer data.

Bell Canada confirmed Sunday that usernames and passwords of 22,421 and five valid credit card numbers have been leaked by hackers.  However, the organization points finger at Third-party saying the leak "results from illegal hacking of an Ottawa-based third-party supplier's information technology system".

Bell claims its own network wasn't affected by this breach.  Bell has disabled all passwords and notifying all affected users.  They are currently working with law enforcement and government security officials to investigate the matter.

"Quite a laughable claim, Bell actually knows of the breach, they knew the vulnerable section of the website for two weeks."In a response to the Bell's claim, hackers said in their twitter account.

The screenshot provided to DataBreaches shows that the hackers had a chat with Bell Support team.

Nullcrew chatting with Bell support team

Hackers said a POST based SQL Injection vulnerability resides in the password recovery page of Bell's sub-domain( https://protectionmanagement.bell.ca/passwordrecovery_1.asp)

Post-based SQL Injection in Bell Canada