UNSW Canberra Hacked, Over 20,000 Staff and Student Logins Leaked

unsw_canberra_logo-lg A hacker using the handle @DARWINARE has been getting a bit of attention on the media front recently with a few attacks that have been  on well known or high profile targets such as Amazon.ukcolorado’s main education website and now they have hacked the University of New South Wales (UNSW), Canberra website (https://www.unsw.adfa.edu.au/) that is for and resides under a subdomain of the Australian defence force academy. The breach was announced on twitter a short time ago and contains a to a large dump which is hosted on anonpaste.me. > ║█║▌║█║▌│║▌ ‏@DARWINARE https://nsw.adfa.edu.au  Hacked! 22.5K Student/Staff Credentials Leaked:******** @binushacker @Cyber_War_News@Cyberwarzonecom

The leaked data contains database layout and table information as well as a scattered 20,000+ student and staff login credentials that are in common format for Australian education systems even though they do not appear to have any encryption on the password side of things so all are clear text. We urge the Australian university’s to seek better web development and implement password encryption as well as fixing the exploits which are said to be done via a simple SQL exploit in the Back end database management system. https://ozdc.net/archives.php?aid=4080 Once again if your a user of this site consider updating your credentials asap as start asking questions those above as to why this has happened. UNSW on twitter @UNSWCanberra

About the author: Lee J

Security Analyst, Developer, OSINT, https://www.ctrlbox.com

Comments are closed.