Hackers claim breach of China Telecom, Warner Bros. networks
SwaggSec says that it lifted more than 900 login credentials from the Chinese ISP and that the company did little to defend itself after it discovered the breach.
An Internet hacking group claimed today to have broken into the networks of Warner Bros. and China Telecom, publishing documents and login credentials purportedly stolen in the breaches.
SwaggSec, also known as Swagg Security, announced the hack on its Twitter feed and published a statement on Pastebin, along with links to the purloined files posted to Pirate Bay.
Just in Warner Bros and China Telecom Hacked(Biggest ISP in the world)! pastebin.com/u9n2SBUX— Swagg Security (@SwaggSec) June 3, 2012
The group leaped to prominence in February when it took credit for a, resulting in the theft of usernames, passwords, and other private information. (Foxconn, a Taiwanese hardware manufacturer, has been the frequent target of criticism over its factory working conditions.)
In its message on Pastebin, SwaggSec said obtaining more than 900 admin usernames and passwords during a hack on China Telecom was "as simple as we assumed it would be."
"China Telecom's SQL server had an extremely low processing capacity, and with us being impatient, after about a month straight of downloading, we stopped," the Pastebin post said. "However, a few times we accidentally DDoS'd their SQL server. I guess they thought nothing of it, until we left them a little message signed by SwaggSec."
After identifying the breach, China Telecom moved its SQL server but neglected to make a public statement or change its passwords. "At any moment, we could have and still could destroy their communication infrastructure leaving millions without communication," it said.
Similarly, the group taunted Warner Bros. for its "ignorance" of its security vulnerabilities. "When we hacked their intranet, we were surprised to see their IT department's well documented 'confidential' data about the 'critical vulnerabilities' on their servers and sites," the group said. "However, their IT department's ignorance to fix any of the vulnerabilities they were aware about, granted us complete access to their servers."
Warner Bros. confirmed to CNET that a network intrusion had occurred.
"A breach did occur, and while we take this type of activity extremely seriously, in this case no critical data was accessed," spokesperson Paul McGuire said.
CNET also contacted China Telecom for comment and will update this report when we learn more.
Updated at 11:45 a.m. PT with Warner Bros. comment.