Anonymous hackers announced to have compromised the US Census Bureau against TTIP/TPP and leaked data online as proof of the data breach.

Anonymous hackers announced to have compromised the US Census Bureau against TTIP/TPP. The members of the popular collective are the same that hacked World Trade Center (WTC) according to the colleagues at the Hackread.com. The experts at Hackread which analyzed the data confirmed their authenticity.

The Trans-Pacific Partnership (TPP) is a multinational trade agreement between the countries around the rim of the Pacific Ocean. Anonymous is protesting against the TTP because it considers the agreement a menace because it threatens to extend restrictive intellectual property (IP) laws among the countries of the Pacific Rim. The Transatlantic Trade and Investment Partnership (TTIP) is a trade and investment deal currently being negotiated by the EU and the US.

The hackers breached the official website of U.S. Census Bureau on 20th July 2015 and accessed data belonging to the Bureau’s officials. The hackers leaked the data online to protest against the Trans-Pacific Partnership Agreement (TPP) and Transatlantic Trade and Investment Partnership (TTIP).

“GETTING INTO THE BUREAU’S SITE WAS A PIECE OF CAKE, IT WAS JUST A SIMPLE SQL INJECTION CAN YOU BELIEVE AND THIS WILL HURT A LOT OF PEOPLE?” said the hackers at Hackread.

The hackers have leaked the data into four separate archives:

http://justpaste.it/mh2x http://justpaste.it/mh50 http://justpaste.it/mh5g http://justpaste.it/mh6m

The first part includes the database of the U.S. Census Bureau’s website, including password hashes of belonging its users. The second part contains more that 3000 records, including usernames, full names, IDs, emails, phone numbers, and names of the agencies belonging to U.S. official from the military, IRS, Census Bureau, Department of Home Security, US Department of Education, National Nuclear Security Administration and other high-profile U.S. government institutions along with their addresses. The availability of emails could allow attackers to run further attacks such as spear phishing campaigns.

The third part of the leaked data includes thousands of U.S. governments emails associated to users’ credentials in clear-text.

The fourth part includes more than 6700+ emails, names, phone numbers, and departments of the US government officials along with their addresses.

“The plain-text passwords on such a high-profile website show how the U.S. is vulnerable to simple as well as sophisticated cyber attacks, as the plain-text passwords can further be used to access other government based platforms.” states the HackRead portal.

Pierluigi Paganini

(Security Affairs – US Census Bureau, Anonymous)

Share this...

Linkedin Reddit Pinterest

Share On