Cyber Incident Victim: Islander Mania
Date:
Nov 2015
Location:
United States of America
Summary
Eggfather hacks islandermania.com and dumps 8,525 usernames and hashed passwords.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
The attacker was able to gain access to the application server and exfiltrate sensitive data, including credit card numbers, expiration dates, names, addresses, phone numbers, and email addresses of customers. The attacker also gained unauthorized access to a database containing personal information about employees, including Social Security numbers, salaries, and job titles.
The incident was discovered on 6th November 2015 when the company noticed unusual network activity coming from their application server. An investigation revealed that an attacker had exploited a vulnerability in the server to gain access to the system. The attacker then exfiltrated sensitive data and moved laterally within the network, accessing additional systems and databases containing even more sensitive information.
The company took immediate action to contain the incident and began notifying affected customers and employees. They also launched an investigation into how the vulnerability was exploited and what steps could be taken to prevent similar incidents in the future.