Just after 24 hours of the hack of the Indian Institute of Technology – IIT Bombay, Cryptolulz666 notified me another data breach, he hacked the database of the Indian Institute of Technology Kharagpur, the second of the country.
Cryptolulz666 broke into the database of the Indian Institute of Technology Kharagpur and accessed users data, including emails, passwords, phone numbers, and security questions.
The hacker told me to have accessed data belonging to 12000 plus users, but as proof of the hack, he leaked only a small portion of them on Pastebin.
When I asked more details about the data breach he told be that he found a SQL injection flaw in the website.
“In this hack, I triggered an error based SQL injection… and I leaked the data on Pastebin” the hacker told me.
The database contains had around 12555 users but I just leaked even less than a quarter of it as the institution might get sued on this info disclosure.
Once again the hacker highlights the lack of security of the organizations. His intent is creating awareness amongst the authorities.
“If you make a website to you definitely have to protect it on every aspect.” he added.
Cryptolulz666 explained that many hackers would love to get their hands on such kind of data so it is important to address these flaws before them.
Last week Cryptolulz666 broke into the database of the website of Russian embassy of Armenia (www.embassyru.am) and leaked data. The hacker also launched DDoS attacks against a Russian and Italian Government websites.
[adrotate banner=”9″]
(Security Affairs – Cryptolulz666, Indian Institute of Technology Kharagpur)
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.…
The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer…
Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics…
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November…
A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute…
This website uses cookies.