The hacker @Sc0rp10nGh0s7 from the Shad0w Security crew has broken in the server of the National Aids Research Institute NARI (India). The hacker accessed a more than 1 GB archive containing the results for dozens Hiv test.
The hacker just released a small portion of the compromised archive as proof of the data breach. They explained to me that they want to avoid problems with the patients, but this hack aims to demonstrate that the security staff at the Institute is not able to protect so sensitive information.
“this time we won’t leak everything, since our purpose is to hurt the gov not the people. The database file I have is more than 1Gb” told @Sc0rp10nGh0s7.
When I asked more technical details about the attack, the hacker told me that they prefer to keep secret the flaws.
I decided to avoid publishing the link to the data due to nature of the victim.
He also told me that the National Aids Research Institute NARI (India) has a good level of security despite the hack. The hacker breached an internal server of the organization and noticed the admin likes to put username & password in a text file.
“the way we choose the targets is random that helps us to not be expected, we will be in a place they least expect us to be” added the hacker.
The overall internal network was breached by the hackers.
In November 2016, the hacker Shad0wS3C hacked the Institute of the Registral Function of the State Mexico (FREM) and leaked the database online.
In August 2016, the group hacked the Paraguay’s Secretary of National Emergency (SNE) website and leaked online a dump from a PostgreSQL database.
[adrotate banner=”9″]
(Security Affairs – Gh0s7, National Aids Research Institute NARI)
A critical Remote Code Execution vulnerability in the Tinyproxy service potentially impacted 50,000 Internet-Exposing hosts.…
The UK Ministry of Defense disclosed a data breach at a third-party payroll system that…
The FBI, UK National Crime Agency, and Europol revealed the identity of the admin of…
MITRE published more details on the recent security breach, including a timeline of the attack…
Alexander Vinnik, a Russian operator of virtual currency exchange BTC-e pleaded guilty to participating in…
The City of Wichita in Kansas was forced to shut down its computer systems after…
This website uses cookies.