14 DAY TRIAL // Globe and Mail, a nationally distributed Canadian newspaper, suffered a security breach that affected their Classroom website, a few hundred of their members remaining exposed.
The Online Classroom Edition of The Globe and Mail is a site that addresses teachers and students across Canada, but as it turns out, everyone who enrolls in their program can easily become a victim of a hacking operation.
DataBreaches reports that an #AntiSec hacker targeted the website back in July, publishing the details of around 4,000 users, and even if the attacker told them how he managed to break their defenses, they failed to do anything about it.
“Hi! I’m sepo. For today my target was http://globeclassroom.ca/. It was hacked by a simple SQL Injection. All the data (login email, password, first & second name, adress, school etc.) is dumped to one of my virtual server’s. I was thinking about a deface, but this wasn’t a good idea. Your sec sux! Your data can be stolen! This is a part of #Antisec. Expect us!” said the hacker in July.
Now, in November, other 1409 names, email addresses, clear-text passwords and school contact details were again posted on Pastebin by an unknown hacker who urges them to secure the site.
Globe and Mail didn’t respond in any way when they were warned on the incident, but hopefully they patched up the flaws to make sure their customers are properly protected.
If the first hacking operation took place in the summer and now the second in autumn, it means that when the spring comes we’ll find out for sure if they did anything to enhance their security measures.
These incidents should be taken seriously since all the email addresses, passwords and other information can be successfully utilized in a variety of malicious campaigns.