X

Hackers claim breach of China Telecom, Warner Bros. networks

SwaggSec says that it lifted more than 900 login credentials from the Chinese ISP and that the company did little to defend itself after it discovered the breach.

Steven Musil Night Editor / News
Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.
Expertise I have more than 30 years' experience in journalism in the heart of the Silicon Valley.
See full bio
Steven Musil
2 min read

An Internet hacking group claimed today to have broken into the networks of Warner Bros. and China Telecom, publishing documents and login credentials purportedly stolen in the breaches.

SwaggSec, also known as Swagg Security, announced the hack on its Twitter feed and published a statement on Pastebin, along with links to the purloined files posted to Pirate Bay.

The group leaped to prominence in February when it took credit for a breach of Foxconn network security, resulting in the theft of usernames, passwords, and other private information. (Foxconn, a Taiwanese hardware manufacturer, has been the frequent target of criticism over its factory working conditions.)

In its message on Pastebin, SwaggSec said obtaining more than 900 admin usernames and passwords during a hack on China Telecom was "as simple as we assumed it would be."

"China Telecom's SQL server had an extremely low processing capacity, and with us being impatient, after about a month straight of downloading, we stopped," the Pastebin post said. "However, a few times we accidentally DDoS'd their SQL server. I guess they thought nothing of it, until we left them a little message signed by SwaggSec."

After identifying the breach, China Telecom moved its SQL server but neglected to make a public statement or change its passwords. "At any moment, we could have and still could destroy their communication infrastructure leaving millions without communication," it said.

Similarly, the group taunted Warner Bros. for its "ignorance" of its security vulnerabilities. "When we hacked their intranet, we were surprised to see their IT department's well documented 'confidential' data about the 'critical vulnerabilities' on their servers and sites," the group said. "However, their IT department's ignorance to fix any of the vulnerabilities they were aware about, granted us complete access to their servers."

Warner Bros. confirmed to CNET that a network intrusion had occurred.

"A breach did occur, and while we take this type of activity extremely seriously, in this case no critical data was accessed," spokesperson Paul McGuire said.

CNET also contacted China Telecom for comment and will update this report when we learn more.

Updated at 11:45 a.m. PT with Warner Bros. comment.