The IT Service Desk domain has been shutdown following the breach
A hacker calling himself KillCode has leaked over 5,000 account credentials allegedly stolen from the IT Service Desk domain of the National Institutes of Health website (itservicedesk.nih.gov).The leak comprises information obtained from the “dbo.User_Staff_JOIN” table of the “RemedyMirror” database, and it includes password hashes, email addresses and usernames.
Fortunately, the passwords appear to be properly encrypted. On the other hand, since many of the email addresses don’t seem to be publicly available online, I will not post a link to the data leak since they could be utilized for targeted attacks.
Earlier this week, another site managed by NIH – the National Cancer Institute (Cancer.gov) – was breached.
At the time when this article was published, the itservicedesk.nih.gov was down. This most likely means that the sites administrators are working on addressing the security holes having allowed the hacker to gain access to the data.