Hackers Dump Millions of Records From Banks, Politicians 310
hypnosec writes "TeamGhostShell, a team linked with the infamous group Anonymous, is claiming that they have hacked some major U.S. institutions, including major banking institutions and accounts of politicians, and has posted those details online. The dumps, comprised of millions of accounts, have been let loose on the web by the hacking collective. The motivation behind the hack, the group claims, is to protest against banks, politicians and the hackers who have been captured by law enforcement agencies."
Re:Great plan (Score:5, Interesting)
Re:Great plan (Score:4, Interesting)
That sounds very much like the "no true communist state has ever existed" (i.e. No True Scotsman) line.
As long as human beings are involved, all the typical vices attributed to greed occur, and Capitalism is no different. The best you can say is that Capitalism when practiced by humans is an abject failure, due to the complete inability of its self-correcting factors ("invisible hand" via competition and intelligent actors) to have any effect.
Re:Cool, that'll show 'em (Score:4, Interesting)
millions of lives ruined as their credit goes to pot
Yeah, how does that work? I've seen this quite a few times in the comments already, and I'm not arguing they're doing the right thing, I'm not arguing no one will be hurt or its not annoying, but I have no idea how your credit gets ruined because someone steals your docs.
I'm old enough to have gotten a couple car loans and mortgages and I've seen my reports, you can request a copy online although its a modestly annoying task.
They are unexpectedly interested in how long the account has been opened (I was surprised to learn that, my guess is its a legal proxy for knowing your age). They're extremely excited about your monthly payment record over the past couple years. They seem interested in default/fraud/NSF-bounce issues in the past couple years. They really like to tabulate your current balance and all kinds of ratios based on those balances as a fairly pointless snapshot. I'm just not seeing a section of the report "number of times account info released by anonymous", perhaps with a graph or something like that.
My wife got her CC stolen probably online, no big deal, bank was nice about it all, no cost to us, doesn't show up on any report that we've seen since. My mom got her info stolen and a truck purchased in her name and driven across the .mx border, again no problem.
So humor me with what an organic chemist would call a reaction mechanism. A droplet containing your bank account number is dropped into the fetid test tube that is the internet and the reaction begins with... I'm looking for a model of how this supposed "destruction" happens? I'm hearing this is financial ebola, but only experienced and heard of a sniffle in similar cases. I'm interested in how this destruction happens.
Re:Great plan (Score:4, Interesting)
And will you still be supporting their actions when you find your own personal bank details on that list?
YES, I will, and I'll tell you why.
A public release like this lets me know, lets everyone know, there's a problem. I'd much rather have someone hack and release the details publicly than hack and steal all my money.
Yeah, They Look Like Garbage ... (Score:5, Interesting)
Seriously, has anyone actually looked at these so called "dumps"? Most of them are a single field from a table, with no relational data to associate the bits. I see email addresses with nothing else. I see [email] addresses with nothing else. I see First and Last names, but nothing else. Phone numbers... the same. Then there are loads of obvious blog style records that is used to populate their "news" and such sections (which are obviously on their front page anyway). Where is the damage?
I've looked at over 20 so far and all have been absolutely worthless. Even the ones that didn't hash their passwords (BookData? what site is that, can't even find their landing page and all the logins look to be JP e-mail addresses) I can't find where I'm supposed to log in. Furthermore, some of these look like some automated testing software when I see rows like:
Those two filled in columns are username and password by the way. So I'm going to say there's three possibilities:
1) these are completely fabricated tables mixed in with (like you noticed) front page public news items and HTML to make them look authentic.
2) these are legitimate but just plain crappy sites. How is it that they only get ~1200 user records from a site unless the site is so worthless that it only has 1200 users?
3) they have everything. They have sensitive stuff but what they've done is show the targets that they have been compromised by releasing only the sensitive data that won't hurt the small users. Since they are publishing the structure of the databases and the targeted entities know that if you have access to that structure, you have/had access to all of the many user information.
I can't believe Teenfad hashed their passwords but some of these other seemingly more sensitive sites didn't. Who the hell is storing plain text passwords in a database!? Well, I guess we have a list of worthless sites that do it now.
Re:Great plan (Score:1, Interesting)
I think you will find that is Germany. Third bite at the cherry and all that.
Re:Great plan (Score:2, Interesting)
Because Americans believe government regulation is bad and markets are good.
So instead of having job-killing freedom-strangling government regulations requiring better security, Americans wait until after their personal information has been compromised and publicly posted, then use the tort system to obtain economic compensation for the resulting damages.
Or they will until the tort system is crippled for killing jobs and crippling free enterprise.
That's why Americans have a whole lot more market regulations when compared with some "socialist" european countries, the difference is that your regulations only preserve the absence of competition (wtf do you think patents are?).
Stop pretending the inexistent american liberalism is at fault because there is not much liberalism left in the world and it sure as hell is not in the US of A.
Re:Great plan (Score:5, Interesting)
"Oh ya then how did the hackers find it the security hole? bank did just say hay here,s our security hole. In fact they hacked it, that's against the law already because they did STEAL the passwords. And no i don't expect someone who tells you hay your wallet fell out to be prosecuted. That's just a plain stupid argument by a person who doesn't have a clue or doesn't want a clue. Ya just want to complain."
This doesn't even deserve an answer. But I'm going to give you one anyway. No thanks necessary!
So you are saying to me: you don't care that the banks have been criminally irresponsible with people's data? You don't CARE, that somebody ELSE -- a criminal somebody else -- could have found this data and just stolen everybody's money, instead of making it public?
Whose fucking side are you on?
I have personal experience with a bank that refused to close a GAPING, OUTRAGEOUS security hole that I pointed out to them, for over a year! After about 6 months of it, with no change, I decided to go to the press with my story. You know what happened? The press and TV wanted nothing to do with it. The bank was a major customer. They weren't about to publish anything negative about it.
So guess what avenue was left? Only one. In order to close this gaping hole, only one thing would suffice: going public with the data. THAT makes people stand up and listen.
THE BANKS are the criminals here, and the press are in bed with them. If you think differently, you are deluding yourself.
And the release of data is the only way they (and a lot of people, like you) will even pay attention.
So take your criticism and stuff it. I have been there. These people did the right thing.