A hacking group is claiming to have breached the networks of Warner Bros. and China Telecom, releasing documents and publishing login credentials. Swagg Security, or SwaggSec, the same hacker collective that breached Foxconn a few months ago to highlight the poor working conditions, has made its comeback.
The hacking group posted on their Twitter account (under the name Swagg Security) that they had acquired access to the databases of both sites, as well as posted a statement on Pastebin. The group has allegedly stolen documents and login credentials, which were then posted to Pirate Bay.
The torrent file posted by SwaggSec on The Pirate Bay doesn’t contain only the administrator details from China Telecom, but also some other information taken from their databases. SwaggSec said the China Telecom data is 900 user names and passwords for administrators on the company's network. The information was obtained through an insecure SQL server, SwaggSec said in its post.
The group said it notified China Telecom of the hack by planting a message in the company's network. The SQL server was moved but not fixed.
It includes a recent report titled 'Content Security Status Update', which includes a list of the company's top 10 medium-to-high-risk vulnerabilities. The top two are cross-site scripting and unsupported SSL.