The attack appears to have taken place on November 5, but the hacker, Nyu, published the list of impacted websites on his Twitter account on Wednesday. He also provided a Pastebin link.
— [Nyu] (@NyuSecurity) November 6, 2013
The majority of the sites remain defaced at the time of publishing. It’s difficult to confirm if every one of the sites in the list have truly been breached, due to the fact that Nyu hasn’t provided defacement mirrors.
Then again, many of them appear to be hosted on a single server, so it’s very likely that this is how the hacker managed to deface all of them in such a small amount of time.
On each of the affected sites, the hacker merely wrote “You’ve been hacked” in both English and Spanish. He has in addition published his email address and a link to his Twitter profile.
The hacker has now provided defacement mirrors. They are available on zone-h.org. The account shows that since May 20, 2013, Nyu has defaced over 2,000 websites from Argentina.