45,000+ Penang Marathon Participants Personal Details Leaked

penangbridge A hacker using the handle Ninjalong has leaked a heap of personal details from a Malaysian based Marathon. The Penang Bridge Marathon 2013 is being held on the 17th of November and it appears that its web site security has failed to protect the details of those who are registering and making payments for T-Shirts.

The Penang Bridge International Marathon (PBIM) is a sports event catered to serious runners as well as amateur ones from both local and international grounds.

Ninjalong has created a basic website on neocities.org which has 45 pages of Participants personal details that include full names, addresses, date of births, email addresses, T-Shirt size as well as what Ninjalong has stated that they have censored/removed all credit card information to prevent malicious use. example_my_gov_marathon Ninjalong originally stated there is 45,000 but after checking i find 43,905 with 13,394 being duplicated leaving 30,511 non duplicated. An interesting fact about this breach is that the website is government (.gov) based which would suggest some sort of government funding behind it but it still has failed to prevent this from happening.

About the author: Lee J

Security Analyst, Developer, OSINT, https://www.ctrlbox.com

Comments are closed.