Anonymous has the American carrier, BART embarrassed by breaking into the website and the database with user information to reveal. All passwords were in plain text stored.
The attack on the website of BART was on Sunday done, the day after the transport company decided to the mobile network in the metros of San Francisco to block in an attempt a demonstration against the company to thwart. A group of protesters had already some metro stations are blocked as a form of protest in response to the death of a harsh man who was shot by a BART agent.
After BART found out that there are new demonstrations were coordinated and that this is mainly through the mobile phone happened, decided BART the mobile network in the metros to turn it off. The carrier does not only have its own police force, but is also the administrator of the mobile network in the metro and therefore to the blockade ring.
In response to the shutdown of the mobile network has computer hacker group Anonymous the website mybart.org attacked. To say that simple sql injection knew a few hackers have access to the complete database. In the database information of over two thousand people saved that an account had been created to get access to ‘MyBART’. The website is now closed.
“Every 8-year-old with an internet connection can do what we have done. Moreover, it was not in any information, including passwords, is encrypted,” said the hackers in a statement. In response, BART has Sunday night confirmed that the attack details have been stolen. Of almost all the people from whom the data was stolen was a name, e-mail address and password is known. In a number of cases were also address and phone number stored.
Affected people can contact the three largest credit rating agencies free of charge a so-called ‘fraud alert’ on credit applications from their name requests. This would be fraud with stolen personal information harder to make.
Update, 15.30 hours, In the article was that the data of the customers of the three largest credit rating agencies were sent. This is not correct: clients will be contacted.