Cyber Incident Victim: Mudiraj Pelli
Date:
Sep 2015
Location:
—
Summary
Rubber AKA @smitt3nz hacks 9 dating websites in a row and dumps a total of 7,764 usernames and clear text passwords.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
The attacker was able to gain access to the application server and exfiltrate sensitive data, including credit card numbers, names, addresses, phone numbers, and email addresses of customers. The attacker also gained unauthorized access to a database containing personal information about employees, including their Social Security numbers, salaries, and job titles.
The incident was discovered on September 4th when the company's security team noticed unusual network activity coming from one of its application servers. An investigation revealed that an attacker had gained unauthorized access to the server through a vulnerability in a third-party library used by the company's web applications. The attacker was able to move laterally within the network, exploiting additional vulnerabilities to gain access to sensitive data and systems.
The incident highlighted the importance of regularly assessing and updating software components, as well as implementing robust security measures to prevent unauthorized access to sensitive data.