Hackers have broken into a website of the Australian Institute of Business Brokers and published 260 user login credentials on the internet.
The institute, the peak industry body that represents professional business brokers, was unaware of the hack which happened late yesterday.
National President Paul Nielson said the members login area did not include financial data.
CRN sister site SC has verified the identity of a random sample of brokers contained in the list. Ten of the 14 executive members had their logins published including Nielson.
The hashed passwords appeared to be encrypted with MD5 which can be easily cracked.
The institute is investigating the breach. It owned three websites and it was unclear at the time of writing which site was hacked.
The hacker ignit3 from the nullcrew hacking group claimed credit for the breach which appeared to be made in reference to the #opAustralia campaign that targets the Federal Government’s draft data retention scheme.
Under that operation, an AAPT server held by Melbourne IT was hacked and a claimed 40Gb of data stolen.
Copyright © SC Magazine, Australia
Issue: 335 | January/February 2015
Access CRN's extensive online resources including; email bulletins, community discussions and unique online news.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can log on to the CRN website or start posting comments on articles.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain '@crn.com.au' to your white-listed senders.