The hacker D35m0nd142 has defaced the Gordon McKay & Blue Hill libraries subdomain of Harvard University’s School of Engineering and Applied Sciences website (library.seas.harvard.edu).
He published the following message in the announcements section of the site: “HACKED by D35m0nd142. I’ve defaced your website just to demonstrate the big vulnerability, not for fun. If you need help to repair the bugs contact me.”
Besides defacing the website, the hacker has also leaked some information from the university’s databases. However, he has redacted all the sensitive information.
To demonstrate the fact that he has gained access to the administrator’s credentials, D35m0nd142 has published an image which shows him logged in as the administrator.
The details of the vulnerability have been kept private.
The defacement page has been removed. The site currently displays an “under maintenance” message.
At the beginning of January, the hacker revealed the existence of security holes in the website of NASA’s Goddard Space Flight Center (GSFC). At the time, NASA silently fixed the vulnerabilities after being notified by the expert.