Hacker Leaks Data After Breaching FBI Site, Slams “Lazy” Security
In a tweet on 24 December, the hacker warned the FBI to fix the security flaws or face the consequences.
A hacker known as CyberZeist, or Le4ky, has reportedly hacked into the FBI website and leaked some of the information to an open source site.
The hacker, who tweets as @CyberZeist, exploited a zero-day vulnerability in the highly-secured Plone Content Management System (CMS) of the FBI's website and leaked some of the information to Pastebin, an open source site that is often used by hackers to post stolen information and bits of code, RT.com reported.
The leaked information includes personal account data and other sensitive information of over 155 agents in the FBI, including names, passwords, and email accounts.
The hacker had originally exposed the vulnerabilities of the website on 22 December and then gave the FBI time to patch the vulnerability in the website’s code before making the data public.
A zero-day fault is a vulnerability in the code that has not been detected, listed, or patched yet.
However, after the FBI failed to fix the vulnerability in the code, CyberZeist released the sensitive data online.
Interestingly, this is not the first time the hacker claimed to have breached the FBI site. In 2011, CyberZeist hacked the FBI site as a member of the hacker collective that is known as ‘Anonymous’.
After hacking the code, CyberZeist claimed that the FBI’s webmaster had “a very lazy attitude as he/she had kept the backup files (.bck extension) on the same folder where the site root was placed.
Authorities in the US have not yet responded the claims.
(With inputs from RT)
Subscribe To Our Daily Newsletter And Get News Delivered Straight To Your Inbox.