El grupo Digital Research Team has announced through his Twitter account the hacking of numerous websites of government entities and universities with the sole purpose of alerting them to the serious security problems that they hide in their systems. The group has publicly alerted these agencies, offering to provide details and help patch them up, however, they have not hesitated to share some data that reveals the magnitude of the issue.
Exposed thousands of names with ID and personal data
The number of websites that have been exposed is quite worrying, but more worrying is the number of records to which this group has had access, since they have been able to find names, surnames, ID and more personal data of each of the records that make up the databases of the attacked sites.
Hello #Ministry of Justice @justiciagob https://t.co/ykVLcyyANl
– Contact us on: digitalresearchteam@secmail.pro
- #Hacked #Pwned #Security #justiciagob #CyberSecurity #Justice #E-mail pic.twitter.com/ZToqt1HX4N—DigitalResearchTeam (@digitalrteam) February 11th 2019
The worst thing is that the affected organizations are entities of great importance, since among those attacked we can find the Ministry of Justice, Treasury, National Statistics Institute, Institute for the Elderly and Social Services and Universities such as Malaga, Huelva, Cádiz, Oviedo and Pablo de Olavide. According to the group, the intention of this publication is to give an ethical warning to those responsible for websites, since they have shown that it is possible to access highly sensitive data if one has the necessary knowledge to do so.
Hello @univcadiz https://t.co/AkhdLPmtzp
– Contact us on: digitalresearchteam@secmail.pro
- #Hacked #Pwned #Security #CyberSecurity #University #E-mail #UCA #Cadiz pic.twitter.com/3Y60pAnwjd—DigitalResearchTeam (@digitalrteam) February 10th 2019
Is your data in danger?
Although the data has not been made public and no file summarizing all the leaks has been shared, the group has published some screenshots that could affect certain people, since in some cases the full name can be identified with last names and even much of the email. The problem, however, is that for now the flaw is still present on all those websites, so another group with worse intentions could still obtain the information and use it in a worse way.
Hello @CiudadanosCs @CsMadridCity @Albert_Rivera @carrizosacarlos #infosec #InfoSecurity
– Contact us on: digitalresearchteam@secmail.pro
– Albert Rivera: 4*7*4*83Y
– Carlos Carrizosa: 3*0*8*90L
- #Hacked #Pwned #Security #Citizens #CyberSecurity #DNI #E-mail #CitizensCS—DigitalResearchTeam (@digitalrteam) February 13th 2019
Such is the feat of the group, that they have even been encouraged to publish part of the Albert Rivera's ID, the top leader of the Ciudadanos political party, so if the information is true, it shows how delicate the situation is. The list of websites affected by the hack is as follows: