Friday, April 18, 2014
Breaking News
Home / Security / Hacked Sites / National Institute of Health hacked 5000 user credentials leaked

National Institute of Health hacked 5000 user credentials leaked

A hacker going by the name KillCode has leaked over 5208 account credentials allegedly stolen from the IT Service Desk domain of the National Institutes of Health website (itservicedesk.nih.gov).

The leak comprises data found from the “dbo.User_Staff_JOIN” table of the “Remedy Mirror” database, and it includes password hashes, email addresses and usernames in the dump.  Luckily, the passwords appear to be decently encrypted.

At the time of this post, the site is down.  It appears like the admin of the site is patching the security flaw.

The hacker also revealed a XSS Vulnerability in a couple of high profile sites which includes Federal Aviation Authority (faa.gov) site, United States Air Force (airforce.com).

http://www.anonpaste.me/anonpaste2/index.php?f66e175690c6e859#K7+wRJKOEyqudHgnaXWcobPZdySSxrd2mZxsp0NzFOQ=
 http://www.anonpaste.me/anonpaste2/index.php?4ecd93394d6f7f5f#rq8lS4qTfDEkgp3VtR1ibqmCnqsHCX4mmPhwmH45KSI=

About FastFlux

Owner of ZeroSecurity, intrested in programming, malware analysis and penetration testing. If you are interested in joining the ZeroSecurity team please use the contact forum located above to contact us.

Discuss!

Loading Disqus Comments ...
Loading Facebook Comments ...