A hacker that goes by the name “~!White!~” has contacted us with a breach on a Pentagon.mil sub domain, the sub domain was not disclosed.
The individual did provide us with a partial data dump that was posted to Pastee.org with a expiration date and all the sensitve data removed. You can view a snippet of the dump below:
Pentagon.Mil available databases [79]: [*] AppianTracking [*] ArmyPostureStatement [*] btac [*] caad [*] CBMa [*] ChaplainCenter [*] hydadatasource [*] master [*] sb_veodo [*] schedz [*] acsim_ca [*] AF_CMRA [*] AF_CMRE_Audit [*] ANC [*] ArmySuggestionProgram [*] ARTSDOL_IDB [*] AYFBH [*] BA [*] BLxM [*] CMRA [*] CMRA_Audit [*] CMRA_Hist [*] CMRA_Hist_Audit [*] CMRP [*] coredb [*] CTOF [*] CYT_Training [*] dpo [*] DSLDB [*] eDARTS_IDB [*] edartsanc [*] eflow [*] EFUNDS2 [*] Emanager [*] HumanResources [*] INFOSEC [*] ITQ13E [*] IWIAS [*] IWIAS_Symposium [*] IWIAS_Training [*] KIOSK [*] logistics [*] LSWpropturnin [*] model [*] msdb [*] OAA911Memorial [*] OAA911Memorial_Public [*] OCLLfeedback [*] OGCEthicsTraining [*] Opentraining [*] OPSEC [*] pam2530_data [*] pentlib [*] phone [*] PTI [*] RBuilderOO_p2011 [*] RbuilderOPTrain_P2011 [*] ROCQ [*] routeranc [*] routerdb [*] Sigar [*] SLD_History [*] SMY_NP [*] surveys [*] tempdb [*] TLD_CMO [*] tmsDB [*] TnA [*] TrackingSysFeedBack [*] TRM_Utilities [*] TRMIS [*] TRMIS_AC [*] TRMIS_AR [*] TRMIS_FcMS [*] TRMIS_ITRM [*] TRMIS_NG [*] TRMIS_Ref [*] Ucr [*] vpas Database: abc [3 tables] +---------------------------------+ | dbo.Q | | dbo.[\t#\x1e] | | dbo.[~\x7f?5\x05E\tA\x06))u\x0b]| +---------------------------------+ Database: ChaplainCenter [1 table] +-------------+ | dbo.[\x03!] | +-------------+ Database: dpo [5 tables] +----------------------+ | dbo.Address_T | | dbo.Mail_Manager_T | | dbo.Service_T | | dbo.Maiurqty_T | | dbo.dtproperties | +----------------------+
The hacker also claimed to have vulnerabilities discovered in the following sites, “Noaa.gov,Doe.gov,Army.mil,Dla.
