A hacker who goes by the handle of @Darwinare has claimed to breach the server of University of South Wales( Australia) and leak over 22.5 k credentials of Students and staff on a website.
The hacker seems to be from Anonymous hacking group made the announcement on its official Twitter account.
The dump contains usernames, logins, date of births, staff & student Ids and plain-text passwords of the university staff and students.
@Darwinare also left a message and contact details on the leaked data, according to the the hacker:
I am not here to follow. Iam not here to lead! I am not here to follow. Iam not here to lead! I am not here to follow. Iam not here to lead!
Twitter: https://twitter.com/DARWINARE Skype: NoirComics Facebook: http://www.facebook.com/AnonymousMI Target: http://www.unsw.adfa.edu.au/ Info On Target:http://en.wikipedia.org/wiki/University_of_New_South_Wales *Reason: #HFF *Method: SQLi *Vuln: Back End DBMS.
The available databases are as follow:
available databases [23]:
[*] adfapeople
[*] adfapeople_test
[*] backups
[*] confluence
[*] hass_apss
[*] information_schema
[*] mysql
[*] network
[*] ojs
[*] sbus
[*] seit_courses
[*] seit_main
[*] seit_projects
[*] seit_support
[*] statdb
[*] test
[*] unsw_cmu
[*] unsw_hr
[*] unsw_research
[*] unsw_rrto
[*] wordpress
[*] wp_test
[*] wp_test2
Database: adfapeople
[12 tables]
+————+
| account |
| alias |
| cardax |
| course |
| directory |
| jobcode |
| lms_other |
| program |
| staff |
| staffAlias |
| student |
| webct |
+————+
While the complete list of username and passwords, along with the other leaked data can be found on: