The leak comprises data found from the “dbo.User_Staff_JOIN” table of the “Remedy Mirror” database, and it includes password hashes, email addresses and usernames in the dump. Luckily, the passwords appear to be decently encrypted.
At the time of this post, the site is down. It appears like the admin of the site is patching the security flaw.
The hacker also revealed a XSS Vulnerability in a couple of high profile sites which includes Federal Aviation Authority (faa.gov) site, United States Air Force (airforce.com).