The administrator's login credentials have been published online

Apr 13, 2012 11:52 GMT  ·  By

An SQL Injection vulnerability on the site of Harvard University’s School of Engineering and Applied Sciences allowed members of Team Dig7tal to gain access to the website’s databases.

From a database called mooneylab, the hackers leaked around 80 credential sets that include usernames, password hashes, names, email addresses, and titles.

They also leaked the login credentials of the site’s administrator and even if the password is not in clear text, a simple test proved that it can be easily decrypted using one of the numerous free tools available online.

“I did it simply because I was bored, and I'm wanting to get this team going,” the member of Team Dig7tal responsible for the breach said.

Yesterday, another member of the collective managed to gain access to the email of Peru’s ambassador in Bolivia, Silvia Alfaro, leaking the entire contents of the account online.

Note. My Twitter account has been erroneously suspended. While this is sorted out, you can contact me via my author profile or follow me at @EduardKovacs1