14 DAY TRIAL // After breaching the State of Rhode Island website yesterday, today The Unknowns return with another target from the same category. This time the victim is the California Department of Forestry and Fire Protection, a subdomain hosted on ca.gov.
If the hackers haven’t leaked any sensitive data from Rhode Island, the situation we’re presented with now is far different.
They’ve not only made available screenshots to prove that they’ve gained access to the administrator panel, but they've also published a number of usernames and clear text passwords.
Similar to other hacks, The Unknowns offer their information security “services” to the site’s webmaster.
“That was easy and simple, please protect your website, it's for your own good. If you need any kind of help just contact us, The Unknowns, at: [email protected],” MrSecurity wrote.
But let’s take a closer look at what the hackers leaked from the site. First, they published database names and the tables contained within them.
From a table called bof.tbluser (bof probably stands for Board of Forestry) they’ve made available around a dozen usernames, clear-text passwords and user email addresses.
The same type and around the same quantity of data has been leaked from two other similar tables. One observation we must make is the fact that some of these accounts appear to have CMS (content management system) administrator rights.
Lastly, The Unknowns have dumped what appear to be four credential sets that belong to the site’s administrators. Fortunately the passwords are not in clear text, but on the downside, they’re encrypted using MD5.
We’ve reached out to the webmaster of the California Department of Forestry and Fire Protection and asked them for comment. We’ll update this post as soon as new information becomes available.
The Unknowns have also taken credit for breaching the sites of the US Navy, the German Federal Government and a couple of UK police servers.