20,000 Credentials of Government Agencies Leaked

Event organizer database breached and siphoned over the Internet

BUCHAREST, Romania – August 23rd, 2011.BitDefender, an award-winning provider of innovative Internet security solutions, announces that it has discovered an alleged disclosure of user names and passwords.

According to a blog post signed by Thehacker12 – who describes himself as “A Hacktivist, against the Corrupt & Unjust people in India” – a list of 20,000 credentials, comprising usernames, passwords and e-mail addresses, pertaining to “US Millitary, Governments & Corporate giants”, has been stolen from “a company managing events” and made public.

“In the case of government organizations, which are under the constant scrutiny of bureaucracy critics, a data safety glitch may affect people’s perception of the State as a trustworthy partner in situations where personal data is required, for instance” said Sabina Datcu, E-Threats Analysis and Communication Specialist who discovered the post.

The leak adds to the list of security breaches and sensitive data disclosures in the last months, claimed to have been perpetrated by various hacking groups, such as LulzSec or Anonymous. However, the author of this exploit describes himself as “an AntiSec supporter”, rather than as a member of this movement.

“Although the responsible behind this incident denies his affiliation to a hacking entity, his or her deeds actually support the same side of the story, which is hacking for the sake of publicly making an anti-establishment point” said Catalin Cosoi, Head of Bitdefender Online Threats Lab.