On Wednesday, a hacktivist published the details of around 50,000 users, which he apparently stole from a website of the Australian Broadcasting Corporation (ABC). The hacker said the breach came in response to an interview ABC had with controversial Dutch politician Geert Wilders.ABC has admitted that the website of the “Making Australia Happy” TV program, which was aired in late 2010, has been hacked.
The company says the hacker has gained access to usernames, password hashes, email addresses, age range, gender, postcode, geographical coordinates of the postcode, suburb, state or territory and the date of the registration.
However, it appears that hackers might have had access to the Making Australia Happy website since as far back as October 2011.
Risky.biz has found a post on a Russian forum, dated October 2011, in which a cybercriminal was asking others to help him crack a couple of password hashes, which matched the first two from the file published by Phr0zenMyst for #OpWilder.
It’s worth noting that one of the passwords was associated with the site’s moderator account.
In the meantime, security experts have demonstrated that cracking the leaked passwords is not a difficult task. After Troy Hunt revealed that he was able to crack 53% of them in 45 seconds, others have managed to hack almost 90% of them in just a few hours.
“Ultimately, it’s just another example of sloppy development let through by lacking security process (any security processes?) and unfortunately for ABC, they now have to bear the brunt of this,” Hunt wrote on his blog.
According to The Australian, Timothy Pilgrim, the country's privacy commissioner, has revealed that they will not launch an investigation into the matter. He has noted that ABC is handling the incident well.
However, Pilgrim said individuals who were not satisfied could file a complaint with the Office of the Privacy Commissioner.