NullCrew hackers claim to have breached the sites as a form of protest
Members of the NullCrew collective claim to have hacked the website of the Public Broadcasting Service (pbs.org) and the one of the World Health Organization (who.int).“Today is a big day for you, me NullCrew, and the rest of humanity. We hacked into the World Health Organization, and we're dumping all the user-data. This contains Emails, Usernames and Passwords. Reasons for this hack are because of the pathetic health-care,” the hackers wrote next to the WHO leak.
“It's been decades, and our Health-Care system has never been what it should be. Thousands of people are dying just because of this. Either waiting in the waiting room for too long, or not being able to pay the extreme amounts to be cared for.”
There are around 550 records sets comprised usernames, passwords (encrypted) and email addresses.
As far as the website of the PBS is concerned, the data dump is made of database information, and close to 1,000 email addresses and associated clear text passwords.
“We hope you'll enjoy our very first release, we're sure you will. We hacked PBS.org, for reason of broadcasting false information, and misleading the public. We did not do this simply for the Lulz. We are not LulzSec, UGNazi, TeaMp0isoN, or even Anonymous. This is the start of something big, and it's only just the beginning,” NullCrew said.
An initial analysis of the data published by the hackers leads us to believe that it could originate from the website of PBS and the WHO. For instance, the leaked credentials don’t seem to appear in other places and the ones from WHO are likely to belong to members of the organizations.
However, the database structure of the PBS site does show up in an older leak posted by TheWikiBoat. This is somewhat curious, considering that the hacker collectives seem to be “connected.”
We have reached out to both BPS and WHO and we’ll update this article as soon as new details become available.
Update. PBS representatives have responded to out inquiry.
“For security reasons, our policy is not to discuss such matters in detail except in cases where user information may have been compromised. We can confirm that no private user data has been exposed,” a company spokesperson said.