By relying on a vulnerability they found on the official website of University of Washington (washington.edu), hackers called NOBODY and NOLIFE managed to gain access and obtain a large quantity of sensitive data from their databases.
The Hacker News
informs that a Pastebin file contains usernames, passwords, email addresses, registration dates and other database information.
“A few days back, Team INTRA hacker 'HaxOr' hacked into the University of Washington using a SQL injection. The SQL injection that was abused was fixed, but that doesn't mean there wasn't more,” the hackers explained.
Lately, hackers proved that most major universities have a hard time making sure that student and staff data is completely secure.
TeamHav0k hackers revealed recently some major XSS vulnerabilities in
university sites such as Rochester Institute of Technology, Arizona State University, NYU Poly’s Center for Advanced Technology in Telecommunications, Michigan State University, Aurora University, DeVry University, University of Hawaii, University of Virginia, and Carnegie Mellon University.
Find us on Google+
