14 DAY TRIAL // The El Paso Community College's website was defaced and data was dumped by hackers who call themselves @DestructiveSec and @COPRS3_TP.
Cyberwarnews reveals that the information posted on the site after it had been hit describes exactly the vulnerabilities that allowed the attacker to take it over.
It looks as a vulnerability in ISS 6.0 that permits a number of attack methods, from ASP stack overflows to remote WebDAV authentication bypass, was the number one weakness.
The data they spilled fortunately wasn't sensitive, all that was posted being the server's IP address and some parameters of their system.
These hits are never welcome, but I suppose anyone would prefer such a hack instead of one that leaks database information that could affect employees and customers. At least now they'll know how to protect themselves in the future.