Cyber Incident Victim: BigMoneyJobs.com
Date:
Apr 2014
Location:
United States of America
Summary
ProbablyOnion hacks a job seeker website (bigmoneyjobs.com) and dumps over 36,000 accounts online.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
In April 2014, BigMoneyJobs.com suffered a cyber attack that resulted in the leak of sensitive data belonging to its users. The attack was carried out by ProbablyOnion, who used an SQL injection technique to gain unauthorized access to the application server and exfiltrate the data.
The incident occurred on April 2nd, 2014, when ProbablyOnion exploited a vulnerability in BigMoneyJobs.com's website by injecting malicious SQL code into the site's database. The attackers were able to gain access to sensitive information such as usernames, email addresses, and passwords of users who had registered on the platform.
According to an article published by Risk Based Security, the attack was carried out using a technique known as exfiltration from application server, where the attacker gains unauthorized access to an application server and extracts sensitive data without being detected. The article also noted that the attackers were able to exploit a vulnerability in BigMoneyJobs.com's website that had gone unnoticed for some time.
The incident was widely reported by various media outlets, including Dark Reading and SC Magazine, which provided more details on the attack and its impact on users of the platform. The articles noted that the leak of sensitive data could have serious consequences for users who had shared personal information on the site, including their email addresses, usernames, and passwords.
In response to the incident, BigMoneyJobs.com issued a statement assuring users that they were taking steps to address the vulnerability and prevent similar incidents in the future. The company also advised users to change their passwords and monitor their accounts for any suspicious activity.
The attack on BigMoneyJobs.com serves as a reminder of the importance of implementing robust security measures to protect sensitive data, particularly in today's digital age where cyber attacks are becoming more commonplace. It also highlights the need for organizations to regularly assess their vulnerabilities and address any issues promptly to prevent data breaches from occurring.