Hacker Group Breaches Library of Congress Site, Publishes Passwords

2012-03-05T20:40:17
ID THREATPOST:D8F1BCD098B631A80C232CB27C1A388E
Type threatpost
Reporter Brian Donohue
Modified 2013-04-17T20:05:38

Description

A group of hackers claims to have breached the official website of the Library of Congress, America’s __national library.

The group claiming responsibility, BlitzSec, decried the wildly unpopular US Congress and said it used a SQL injection attack to access the Library of Congress Website’s back end database and expose user names, passwords and email addresses. The group has posted data taken from the Library on the file sharing Web site Pastebin.

According to Softpedia.org, BlitzSec made a name for themselves by publishing exploit proof-of-concepts after compromising popular websites.The exact motive for the attack on the Library is unclear.

In a statement on Pastebin, BlitzSec said he hack was a message to the U.S. Congress, which it singled out for controversial legislation like the National Defense Authorization Act and the Patriot Act, calling members “criminals” and “terrorists.”

Congress has often been the target of attacks and Web site defacements, as well as inadvertent data leaks. Congressmen and women, as well as staff, also receive a flood of malicious mail, according to reports. Despite that, numerous audits by the Government Accountability Office and others have found efforts to secure critical government IT infrastructure to be lacking in recent years.