UK: Wounds International – Data Leak
A paste on Pastebin points to a hack of Wounds International.
The SQL injection attack, by @str0ke_, who self-identifies as affiliated with @ToucSec, does not really offer a specific explanation for why the firm was attacked:
Target……………….: Wounds International;
Title………………..: Wounds International Data Dump;
Wounds International, we have a bit more instore for you; not that you are our “Primary Target.”
But a corporation, none-the-less, so that means we took authority to rampage on your servers for “All your data are belong to us”
You don’t take care of your own servers?
We sure see how that works out!
DataBreaches.net is not linking to the “data teasers” that have been dumped, which include five admin logins (usernames, first and last names, email addresses, and easily decrypted MD5 passwords), 17,025 user logins with passwords in clear text (5,000 more that have not been leaked), and 18,840 access IP addresses.
Attempts to notify Wounds International via their contact form failed on “submit,” so this site tweeted their Twitter team to ensure they know they’ve been hacked.