Breach Causes More Embarrassment than Damage; Contains Little Personal Information
For Immediate Release
Media Contact: Aaron Titus
(888) 244-3790
New York, NY – May 22, 2012 – Identity Finder, LLC (www.identityfinder.com) today released this detailed analysis of the information posted Monday evening by the hacking group Anonymous as part of the AntiSec movement. The breach was announced Monday evening and made available via The Pirate Bay around noon Eastern on Tuesday. The zipped file, named "MondayMailMayhem," which contains "qwerty.tar," is 1.7 GB and contains roughly 6.5 GB of web server files from the website http://bjs.ojp.usdoj.gov/, the Bureau of Justice Statistics in the US Department of Justice. It does not appear to contain any sensitive personal information, internal documents, or internal emails.
The hackers claim the breach was designed "to spread information, to allow the people to be heard and to know the corruption in their government. …to end the corruption that exists, and truly make those who are being oppressed free." The hacker who claims responsibility for the breach indicated that the dump contains "internal emails, and the entire database dump." However, Identity Finder has not been able to substantiate that claim.
Identity Finder conducted an analysis on the files. Based upon Identity Finder's analysis:
- The breach contains a folder named "Mail," which is largely empty and contains only three unique email addresses, two of which are clearly administrative: JUSTSTATS@usdoj.gov, lyris@listmanager.bps-lmit.com, and d*****@ui.urban.org.
- The breach contains website components, the entire web server file structure (the knowledge of which may be leveraged for future attacks), JavaScript files, CSS files, server and error logs, and other files typically found on a web server.
- As may be expected, the breach also contains a large amount of crime statistical data in graphs and nearly 3,000 comma-delimited (.csv) files.
- The breach includes exception logs typically kept on servers, giving details of server errors. This data could be useful to other hackers who want more insight into network topology.
- Identity Finder found no data containing real Social Security Numbers, Credit Card Numbers, Bank Account Numbers, or Driver Licenses.
The hacker who claims responsibility has not yet explained how he gained root access to the server.
Because this attack affected the Department of Justice, the breach received more attention than other, more significant recent breaches, including that of WHMCS, the billing and customer support tech company, which was ransacked and taken offline by hackers and had its entire customer database exposed online. Identity Finder is currently analyzing that breach, which appears to contain encrypted credit card numbers and the encryption key.
About
Identity Finder's data discovery and protection software provides companies the ability to prevent data leakage and find sensitive information. They have quickly grown to become a leader in identity protection and Data Loss Prevention (DLP) by helping millions of consumers, small businesses, and enterprises across the world. You may download the free version of Identity Finder DLP Software here: http://identityfinder.com/free