Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Hackers Dump Millions of Records From Banks, Politicians

timothy posted about 2 years ago | from the no-such-thing-as-the-afl-cia dept.

Security 310

hypnosec writes "TeamGhostShell, a team linked with the infamous group Anonymous, is claiming that they have hacked some major U.S. institutions, including major banking institutions and accounts of politicians, and has posted those details online. The dumps, comprised of millions of accounts, have been let loose on the web by the hacking collective. The motivation behind the hack, the group claims, is to protest against banks, politicians and the hackers who have been captured by law enforcement agencies."

cancel ×

310 comments

Great plan (5, Insightful)

masternerdguy (2468142) | about 2 years ago | (#41131289)

Yes let's ruin millions of innocent lives to protest the arrest of criminals!

Re:Great plan (5, Funny)

Anonymous Coward | about 2 years ago | (#41131311)

Look on the bright side--it's a step above their usual tactic of protesting censorship by DDOSing websites that say things they don't like.

Re:Great plan (2, Insightful)

phantomfive (622387) | about 2 years ago | (#41131321)

I consider it a protest against bad security......

Re:Great plan (0)

Anonymous Coward | about 2 years ago | (#41131335)

Also if your data was among the released?

Re:Great plan (4, Insightful)

djnanite (1979686) | about 2 years ago | (#41131349)

I consider it a protest against bad security......

And will you still be supporting their actions when you find your own personal bank details on that list?

Seriously - this just causes hassle for *everyone*, and is not a good way to drum up support for your ill-defined and unfocussed protest.

Re:Great plan (4, Interesting)

Yvanhoe (564877) | about 2 years ago | (#41131383)

As someone exterior from the US, there is something I don't understand... What do people wait to file a class action to protest against bad security in banks ?

Re:Great plan (4, Insightful)

Darkness404 (1287218) | about 2 years ago | (#41131405)

Exactly. The sort of nice thing about this is, its public. You can see, you KNOW if your account is breached, its really done in a non-malicious way. I'd much rather have my personal information leaked in a big leak like this than have some guy accessing my account and I have no knowledge about it.

Re:Great plan (2)

Jane Q. Public (1010737) | about 2 years ago | (#41131445)

"What [why?] do people wait to file a class action to protest against bad security in banks ?"

They haven't. It is discussed a lot here on /., for example, and it was brought up in the Wall Street protests. We just haven't been listened to.

But in order to actually file a suit (something they are liable to pay attention to), one must show that there have been damages.

Re:Great plan (3, Insightful)

Nutria (679911) | about 2 years ago | (#41131741)

This is the critical point: American jurisprudence is designed to be reactive, not proactive.

Re:Great plan (4, Insightful)

Jane Q. Public (1010737) | about 2 years ago | (#41131759)

"This is the critical point: American jurisprudence is designed to be reactive, not proactive."

Yes, it certainly is. It inherited that (as did many other countries) from European Common Law. It's not like that's unique or even unusual.

Arguably, that's the way it should be, in a society that promotes freedom over government control.

Re:Great plan (2)

Nutria (679911) | about 2 years ago | (#41131853)

European or English Common Law?

Re:Great plan (0)

Anonymous Coward | about 2 years ago | (#41131997)

European or English Common Law?

Doesn't England pretty much rule Europe through that "EU" that is in place now?

Re:Great plan (1, Interesting)

Anonymous Coward | about 2 years ago | (#41132083)

I think you will find that is Germany. Third bite at the cherry and all that.

Re:Great plan (3, Insightful)

TarPitt (217247) | about 2 years ago | (#41131629)

Because Americans believe government regulation is bad and markets are good.

So instead of having job-killing freedom-strangling government regulations requiring better security, Americans wait until after their personal information has been compromised and publicly posted, then use the tort system to obtain economic compensation for the resulting damages.

Or they will until the tort system is crippled for killing jobs and crippling free enterprise.

Re:Great plan (-1)

Anonymous Coward | about 2 years ago | (#41131745)

Yeah, those fucking Americans! *facepalm*

Re:Great plan (3, Insightful)

arfonrg (81735) | about 2 years ago | (#41131807)

Because lawsuits costs money... It takes THOUSANDS of dollars to pursue a civil suit and most people can't afford it. On top of that, class action suits are usually brought about by a lawyer(s) who really could care less about justice and care more about taking a percentage of the gains so, they take a gamble.

It's not a fair system but, it's better than nothing and could be much worse.

LAWSUIT RULE 1: The only people who win are the lawyers.

Re:Great plan (0)

Anonymous Coward | about 2 years ago | (#41131835)

My understanding is that you HAVE to wait until something goes wrong. You cannot sue against bad security, only when there is a security breach. The purpose of the legal system is to find fault, not to fix problems.

Re:Great plan (4, Insightful)

girlintraining (1395911) | about 2 years ago | (#41131957)

As someone exterior from the US, there is something I don't understand... What do people wait to file a class action to protest against bad security in banks ?

Ignoring the grammar, it would be because the US Supreme Court deleted citizens' ability to join class action lawsuits because it cost corporations too much.

Re:Great plan (1)

neonKow (1239288) | about 2 years ago | (#41132071)

Am I misreading you or are you just engaging in hyperbole? As far as I know, there has been nothing that blocks citizens from joining class action lawsuits.

Re:Great plan (4, Funny)

Gordonjcp (186804) | about 2 years ago | (#41131387)

I really hope my bank details *are* on the list.

Perhaps then some random Nigerian general or doctor or prince or whatever will pay off my overdraft.

Re:Great plan (5, Funny)

Smallpond (221300) | about 2 years ago | (#41131705)

Dear Nigerian citizen. I am the son of the late US President Ronald Reagan. I have recently come into the possession of the sum of FIVE US DOLLARS which I need your help in hiding from the US Internal Revenue Service ...

Re:Great plan (2)

AliasMarlowe (1042386) | about 2 years ago | (#41131777)

Dear Nigerian citizen. I am the son of the late US President Ronald Reagan. I have recently come into the possession of the sum of FIVE US DOLLARS which I need your help in hiding from the US Internal Revenue Service ...

Try for MINUS ONE HUNDRED THOUSAND American Dollars instead. Maybe you'll get lucky...

Re:Great plan (5, Insightful)

Jane Q. Public (1010737) | about 2 years ago | (#41131417)

"And will you still be supporting their actions when you find your own personal bank details on that list? "

Damned straight I would. That would give me direct evidence that my bank was not properly protecting my money, and give me very good motivation to start (or join) a lawsuit.

If the banks' security is shit, it's good to know about it. Better it be public than found by some criminal organization that will just steal it all and disappear.

Re:Great plan (0)

Stan92057 (737634) | about 2 years ago | (#41131635)

It can be done without putting peoples money at jeopardy. This act is bullshit and only helps criminals

Re:Great plan (2)

Jane Q. Public (1010737) | about 2 years ago | (#41131737)

"It can be done without putting peoples money at jeopardy."

Really? And how would you do that, such that people really paid attention and it wasn't buried in a 1-inch news story on page 7?

I eagerly await learning about this brilliant plan.

Re:Great plan (3, Informative)

VortexCortex (1117377) | about 2 years ago | (#41132025)

"It can be done without putting peoples money at jeopardy."

Really? And how would you do that, such that people really paid attention and it wasn't buried in a 1-inch news story on page 7?

I eagerly await learning about this brilliant plan.

Simple, when they have requirements on password length or character sets, then they're not hashing or encrypting passwords. Then you sue them for negligence, inform the media that instead of the story, "Up next: What common product under your sink could be killing your babies?", they should run, "Up next: Find out why banks are sharing your account passwords with thousands of people.", before they have a word from their sponsor.

I only have the time/money to write nasty emails and talk to branch managers when I visit. Their answer is that people forget their passwords, and they need to see the password to tell them what it is, or help with customer service -- They shouldn't EVER need to do that either. Also: if there's a login form on a page that's not HTTPS -- It's vulnerable to SSL Strip among other MITM attacks. They won't hire a "security researcher" to help AND also listen to what they have to say because That's wilful negligence.

I'm aware that they could be applying character set rules before submitting the data to improve entropy, but there's no reason to limit the length to 6 to 12 characters.

Re:Great plan (4, Informative)

Jane Q. Public (1010737) | about 2 years ago | (#41132093)

"Simple, when they have requirements on password length or character sets, then they're not hashing or encrypting passwords. Then you sue them for negligence, inform the media that instead of the story, "Up next: What common product under your sink could be killing your babies?", they should run, "Up next: Find out why banks are sharing your account passwords with thousands of people.", before they have a word from their sponsor. "

I've tried it. Doesn't work.

My (then) bank had a huge security hole in their online banking. I contacted the bank several times, and even went to the main branch in person, to show people what the problem was. I talked to their own programmers. They all agreed "This is a huge problem and we need to deal with it right away."

Did they? No. And after multiple contacts over multiple months, I finally decided to go to the media with my story. Guess what? The news media wanted nothing to do with it.

No... sorry. You are assuming they are reasonable people. They aren't. This is the only way they'll pay attention.

Re:Great plan (3, Informative)

Jane Q. Public (1010737) | about 2 years ago | (#41132101)

And just to be clear: this wasn't even your typical, hackable, "security vulnerability". This flaw allowed ANYBODY who knew about it, with no programming skill whatever, to get name, account number, address, and telephone for anybody's bank account.

Re:Great plan (0)

Anonymous Coward | about 2 years ago | (#41131645)

If the banks' security is shit, it's good to know about it. Better it be public than found by some criminal organization that will just steal it all and disappear.

What, like banks?

Re:Great plan (3, Interesting)

phantomfive (622387) | about 2 years ago | (#41131651)

And will you still be supporting their actions when you find your own personal bank details on that list?

YES, I will, and I'll tell you why.

A public release like this lets me know, lets everyone know, there's a problem. I'd much rather have someone hack and release the details publicly than hack and steal all my money.

Re:Great plan (0)

Anonymous Coward | about 2 years ago | (#41131357)

Oh yeah great protest against bad security, you detatched nerd. I just had to change my bank account information just in case. The main reason I read slashdot is to be notified of this kind of bullshit.

Re:Great plan (1)

flyneye (84093) | about 2 years ago | (#41131501)

I consider it a protest against bad grammar...

*The motivation behind the hack, the group claims, is to protest against banks, politicians and the hackers who have been captured by law enforcement agencies."*

Lets try: The motivation behind the hack, the group claims, is to protest against banks, politicians . Also protested, hackers who have been captured by law enforcement agencies obviously unfairly because they were helping Anonymous."
            Just send them to remedial English until they find their way out of the "clueless booth".

Re:Great plan (3, Funny)

phantomfive (622387) | about 2 years ago | (#41131633)

lol we need grammar nazis in the world, but do you realize your attempt has worse grammar than the original?

Re:Great plan (0)

Anonymous Coward | about 2 years ago | (#41131769)

the "clueless booth."

The FUCKING PERIOD STAYS IN THE QUOTES. I hate having to correct grammar Nazi fags.

Re:Great plan (1)

Bill_the_Engineer (772575) | about 2 years ago | (#41131961)

I consider it criminal activity with a really flimsy cover story.

Re:Great plan (3, Insightful)

jhoegl (638955) | about 2 years ago | (#41131347)

How do you know it is going to ruin lives when you havent even gone through it?
Perhaps it contains information that shows what we have been expecting all along, some of our senators are corrupt, they want to create laws to spy on everyone so that they can find people who know about them, and the same with corporations.
Wake up people, we live in a corporate run society, we are losing freedom in the false name of capitalism, we are losing our humanity to money.

Re:Great plan (4, Insightful)

kiwimate (458274) | about 2 years ago | (#41131409)

How do you know it is going to ruin lives when you havent even gone through it?

Have you ever been through a car/motorcycle accident? I have - how can you understand it if you haven't? Of course, it doesn't take a personal experience to understand that a car running into you is going to hurt, probably break some bones, that kind of thing.

It's not that difficult. You don't have to go through having your identity stolen to be able to understand the impact [slashdot.org] .

Re:Great plan (0)

jhoegl (638955) | about 2 years ago | (#41131453)

Not car/motorcycle, but I have seen enough Motorcycle drivers to know that the car was most likely not at fault.
So... where is your analogy now?

Re:Great plan (1)

Anonymous Coward | about 2 years ago | (#41131659)

I am WAAAAAY more careful on my bike than in my car. I always slow down when approaching left turners REGARDLESS if I have the right of way. In traffic, I never ride beside a car in case they decide to change lanes without looking. I avoid tailgaters like the plague because I know they can't stop as quickly as I can. I know that one inattentive car driver or one error on my part can leave me splattered all over the asphalt.

Re:Great plan (1)

Nerdfest (867930) | about 2 years ago | (#41131923)

Strange, in almost every motorcycle accident I've seen involving a car, the car *was* at fault. The 'left turn in front of an oncoming bike' is the classic one that kills motorcyclists.

Re:Great plan (1)

neonKow (1239288) | about 2 years ago | (#41132137)

Amazing. Not only have you completely ignored GP's point about sympathy that "it doesn't take a personal experience to understand that a car running into you is going to hurt" and turned it into some rant about who is at fault, you've also exposed your own prejudices and managed to be so oblivious to it that you are going to be smug about it.

I even vaguely agree that it's better to be at the mercy of benevolent hackers than at the mercy of lazy business practices that is hurting the common man, but your arguments are completely invalid.

I think the argument boils down to the fact that we are all harmed by not having our information protected, even if we don't know it is happening to us.

Re:Great plan (2)

vlm (69642) | about 2 years ago | (#41131467)

How do you know it is going to ruin lives when you havent even gone through it?

That is an excellent question. I'll have to download the data and grep for my info. Anyone connected to my paper checks, as recipient or store clerk or garbage man, already knows my name, address, bank name, and bank account number, and at least one recently written check number. Allegedly this is why Knuth stopped sending out personal checks in return for finding errors in his books. Given the thousands, maybe tens of thousands of people with access to this data who've done nothing to me and the only person I've ever heard even mention it is Knuth, I donno if its a serious concern.

Re:Great plan (5, Informative)

Jane Q. Public (1010737) | about 2 years ago | (#41131479)

"Wake up people, we live in a corporate run society, we are losing freedom in the false name of capitalism, we are losing our humanity to money." [emphasis added]

At least you do say "false". But I would prefer that you leave "capitalism" out of it. The people that are doing aren't calling it "capitalism", and at least in that sense they are more correct than their detractors.

Capitalism has nothing to do with this. Greed, corruption, monopol, and cronyism are not part of capitalism. Not even close. In fact, real capitalism cannot exist in an atmosphere that is so rife with these things.

Re:Great plan (4, Interesting)

Anonymous Coward | about 2 years ago | (#41131531)

That sounds very much like the "no true communist state has ever existed" (i.e. No True Scotsman) line.

As long as human beings are involved, all the typical vices attributed to greed occur, and Capitalism is no different. The best you can say is that Capitalism when practiced by humans is an abject failure, due to the complete inability of its self-correcting factors ("invisible hand" via competition and intelligent actors) to have any effect.

Re:Great plan (0)

Jane Q. Public (1010737) | about 2 years ago | (#41131749)

"As long as human beings are involved, all the typical vices attributed to greed occur, and Capitalism is no different."

Thank you for proving my point: it has nothing to do with capitalism, per se. That's what I stated, that's what you just stated.

Re:Great plan (1)

microbox (704317) | about 2 years ago | (#41131843)

That sounds very much like the "no true communist state has ever existed" (i.e. No True Scotsman) lin

It is possible to fallaciously point out a logical fallacy. Perhaps you were being factitious? Nay, more like you're just shooting from the hip.

Re:Great plan (5, Insightful)

Sarten-X (1102295) | about 2 years ago | (#41131889)

"No true communist state has ever existed" is not a No True Scotsman fallacy.

No True Scotsman is where the experimental grouping is based on the results of the experiment. As a more obvious example, consider giving all of the participants in a drug trial the same medication, then splitting them up afterward based on whether the drug worked or not. In the had-a-good-effect group, 100% of the trial patients had a good effect! Amazing!

The classification of political states, however, is a different issue. No true political anything has ever existed. Dictatorships aren't true dictatorships, because the dictators don't directly control absolutely everything for everyone. Communism isn't true communism, because the people making decisions have always been held in higher regard than the people making toilets. Capitalism isn't true capitalism, because there is always regulation and corruption getting in the way of an informed public. Monarchies aren't really monarchies, because there are always parallel power structures that don't fall into the nicely-defined hierarchy.

The fallacy here (for which I do not recall a proper name, and can't be bothered to look it up) is a confusion (intentional or not) between ideals and realistic implementations of systems. It's easy enough to say "in a Communist system, everyone is valued equally," but much more difficult to actually convince a nation of people to consider everyone perfectly equal. The ideal, however, does make for an interesting philosophical discussion, just as the real implementation makes for an interesting sociological discussion. With the insights from both, perhaps a political system can be devised that accomplishes the goals of the ideal system, while accommodating the pitfalls of the real implementation.

Re:Great plan (2)

AliasMarlowe (1042386) | about 2 years ago | (#41131813)

Capitalism has nothing to do with this. Greed, corruption, monopol, and cronyism are not part of capitalism. Not even close. In fact, real capitalism cannot exist in an atmosphere that is so rife with these things.

Ahem, greed is central to capitalism. On the other hand, corruption and cronyism are indicative of a failure of regulation rather than of the economic system (whether capitalist or not), and monopoly is potentially but not necessarily an evil.

Re:Great plan (1)

Raenex (947668) | about 2 years ago | (#41131585)

Perhaps it contains information that shows what we have been expecting all along, some of our senators are corrupt, they want to create laws to spy on everyone so that they can find people who know about them, and the same with corporations.

I'm having trouble following your logic. Senators pass laws, they don't execute them. You're living in some fantasy world.

Re:Great plan (1)

ObsessiveMathsFreak (773371) | about 2 years ago | (#41131415)

Right now, millions of live are being ruined because certain criminals aren't being arrested.

Re:Great plan (1)

bbelt16ag (744938) | about 2 years ago | (#41131493)

um, i am not sure about you but i dont got an account with millions of dollars, infact i am so poor i dont have any accounts at a bank. so these are the people who are stealing all the money, taking all the jobs, and defaulting our homes and loans. So no I don't feel sorry for them. They can rot in hell for all i care.

Re:Great plan (1)

Jane Q. Public (1010737) | about 2 years ago | (#41131533)

"They can rot in hell for all i care."

Um, I could be wrong, but I believe GP was being sarcastic, and that those are the very people to whom he was referring.

Re:Great plan (2)

fustakrakich (1673220) | about 2 years ago | (#41131435)

You're right... Only the state has the right to ruin millions of innocent lives.

Re:Great plan (0)

Anonymous Coward | about 2 years ago | (#41131581)

I think the establishment has gone way, way too far, and revolution has started. Cyber attacks are the easiest way to get the most bang for the buck at the moment. Governments and globalist institutions everywhere should look out, the lid is about to be blown off the tea pot. These (innocent?) casualties did not get shot or stabbed and should be thankful. Far worse happens as collateral damage in wars that reach the physical stage.

Security (4, Insightful)

DevotedSkeptic (2715017) | about 2 years ago | (#41131303)

Banks got billions in bailout but apparently put none of it into security. Like the bailouts the Banks and politicians win and the consumers lose.

Re:Security (2)

lightknight (213164) | about 2 years ago | (#41131389)

The power to print money, and give it to your friends, is the power to ensure you and your friends are always on top*.

* For all situations where this is applicable.

Re:Security (1)

Jane Q. Public (1010737) | about 2 years ago | (#41131489)

" Like the bailouts the Banks and politicians win and the consumers lose."

I think most of us realized this 4 years ago.

Re:Security (1)

Sarten-X (1102295) | about 2 years ago | (#41131637)

Because when you get a gift to help pay off a mountain of debt, surely the first thing to do is go buy a new door lock, rather than, say, paying off that debt.

Re:Security (1)

DarwinSurvivor (1752106) | about 2 years ago | (#41131867)

They got way more than enough to pay off that debt, just look at the ridiculous bonuses all the exec's got at the end of that quarter!

Something like this was bound to happen... (4, Insightful)

dryriver (1010635) | about 2 years ago | (#41131371)

The powers-that-be, which includes banks, corporations and lawmakers, have been driving all of us "ordinarylings" towards a future where we are increasingly under 24/7 surveillance, whether we like it or not. They have been building a "surveillance grid" that becomes more sophisticated every day, and that knows everything from what we are buying/consuming, to what we are reading, to where we surf on the net when we get up in the morning, to where we park our cars, or go for an evening walk. ---- In a sense it is almost fair that the people who have been encouraging & bankrolling & constantly expanding this surveillance grid get their own digital lives hacked, and thrown online for everyone to scrutinize. ----- If we weren't surveilled digitally, 24/7, and so cruelly, I would say that these hackers have done "a bad thing". ------- Things being what they are - we are watched every more closely by the surveillance grid - its hard, morally speaking, to blame these hackers for their unorthodox actions and tactics.

Re:Something like this was bound to happen... (2)

sgrover (1167171) | about 2 years ago | (#41131487)

I'm all for exposing the rampant abuses of our privacy and collection of our personal information. BUT, this sort of thing only hurts the public. It does not hurt the people who commissioned the system to collect this data. All that is being exposed here is that some systems that happen to collect information have some security holes that need to be fixed. This fact in itself may be damaging, but only to those who use and/or maintain the system.

The fact that the system exists, and that it can tied with other similar systems to paint a very broad description of a person is the part that should be worrying to the public. Why do we need such a system? Why does it have to talk with other systems? Is the data it is collecting really secret? Or even ours to control? These are the questions I think need to be highlighted. Unfortunately these data dumps, while possibly altruistic in intent, do little to address the real questions. IMO.

Re:Something like this was bound to happen... (1)

fustakrakich (1673220) | about 2 years ago | (#41131721)

BUT, this sort of thing only hurts the public.

Collateral damage! I'm not going to cry over the so called 'innocents' that support a system that's corrupt by design. The very basis of sanctions against a country is to make the lives of its citizens as miserable as possible so that they rebel against their government. To say we don't target civilians in warfare is hogwash. If a government can consider them to be legitimate targets, so can these guys. It's the old 'what goes around comes around', or 'chickens coming home to roost' thing.

Re:Something like this was bound to happen... (2)

Sarten-X (1102295) | about 2 years ago | (#41132007)

What reasonable alternative did the innocents have? Join a non-existent revolution?

The simple fact is that having the conveniences of modern life requires trusting your personal information to others. You can pick which bank you use, but they seldom allow customers to fully inspect their security practices. The innocents are unwilling participants who really have no choice in whether they support the corrupt system or an honest improvement, because they can't tell which option is supporting which system.

Re:Something like this was bound to happen... (0)

Anonymous Coward | about 2 years ago | (#41131615)

I am thinking of creating a social network called MaskBook, only thing you need to join is a nickname and password. There will be no other data fields, not even optional ones.
All pictures will be run through the censor machine and will blur all faces, black-strip all dates, numbers, words.
Oh yeah, it would also be invitation only from a very select groop of randomly chosen 10.000 individuals.
Temporary and permanent bans on individuals decided by the people they start interaction with.

Oh, I'd probably ban whole China, don't want them to use it, even if it might be helpful to them, they're so much under the state's thumb, they ruin every company that has dealings with them.

Contrary to what Facebook and friends say, there's no need for javascript, cookies, IP storing, cache or anything similar. We're in 2012 technology evolved quite a bit in the past decade, the hardware and bandwidth savings, don't come even close to justifying the developement costs.

And last thing, it wouldn't be based in the US. That's for damned sure.

I could think of a few more, but I'm dead tired, maybe tomorrow.

Re:Something like this was bound to happen... (1)

Sarten-X (1102295) | about 2 years ago | (#41131935)

<!doctype html system> <html> <head><title>MaskBook - The absolutely secure social network!</title> <style type="text/css"> body { background-color: #000; } </style> </head> <body> </body> </html>

Re:Something like this was bound to happen... (0)

Anonymous Coward | about 2 years ago | (#41131933)

whereis the LIKE ~Absolutely!

Cool, that'll show 'em (5, Insightful)

kiwimate (458274) | about 2 years ago | (#41131379)

Score against banks - a bit of a headache, some minor bad P.R., a temporary drop in share price maybe. Don't worry, it'll come back up when the next scandal pushes this one off of people's memories.

Score against the people they're standing up for (the public) - millions of lives ruined as their credit goes to pot, countless hours and days of effort spent to try and recover, thousands of dollars of extra interest payments now their credit score has been dropped down, potential bankruptcies and divorces and split households from the stress...

What a bunch of jackasses. Maybe these people should think who they're really hurting once in a while.

Re:Cool, that'll show 'em (1)

Anonymous Coward | about 2 years ago | (#41131457)

Just had an idea: if enough peoples' credit scores are run into the ground by something like this, that means those people won't be able to go into debt even if they wanted to. It also means the banks wouldn't lend them money even if they wanted to. That means banks will end up unable to lend unless they go the subprime route (and they don't know this time who really is subprime with everybody in the ratings gutter). They'd have to fix their systems just to be able to do business. I kind of like that outcome. Too bad this has to happen for people to fix their stuff.

Re:Cool, that'll show 'em (1)

jesseck (942036) | about 2 years ago | (#41131625)

Just had an idea: if enough peoples' credit scores are run into the ground by something like this, that means those people won't be able to go into debt even if they wanted to. It also means the banks wouldn't lend them money even if they wanted to. That means banks will end up unable to lend unless they go the subprime route (and they don't know this time who really is subprime with everybody in the ratings gutter). They'd have to fix their systems just to be able to do business. I kind of like that outcome. Too bad this has to happen for people to fix their stuff.

That's about as good as my uncle's idea that if every Veteran were to apply for disability it would make war too costly... it isn't realistic. The rules would be changed to ensure the banks stay in business (including lowering credit score requirements or modifying the metrics), and in the end the consumers would still be hurt. There is big money to be made in banking (for both banks and politicians)- just like there is big money to be made in war.

Re:Cool, that'll show 'em (1)

poity (465672) | about 2 years ago | (#41131773)

lol, if we burn down buildings they'd have to build new ones with more fire resistance. BRILLIANT!

Re:Cool, that'll show 'em (4, Insightful)

_Ludwig (86077) | about 2 years ago | (#41131495)

How would this lower anyone’s credit rating? Unless they’ve been lying to creditors about their assets/income, in which case their credit rating ought to take a hit.

Re:Cool, that'll show 'em (3, Insightful)

DarwinSurvivor (1752106) | about 2 years ago | (#41131879)

Identity theft.

Re:Cool, that'll show 'em (4, Insightful)

Jane Q. Public (1010737) | about 2 years ago | (#41131513)

"Score against banks - a bit of a headache, some minor bad P.R., a temporary drop in share price maybe. Don't worry, it'll come back up when the next scandal pushes this one off of people's memories."

Not really. This publicly humiliates their "security" measures. In many cases, they are probably breaking Federal security laws. If I were among those affected, I would try to start or join a class action suit.

"Score against the people they're standing up for (the public) - millions of lives ruined as their credit goes to pot, countless hours and days of effort spent to try and recover, thousands of dollars of extra interest payments now their credit score has been dropped down, potential bankruptcies and divorces and split households from the stress..."

Again, not really. Would you honestly rather have had somebody discover all this in secret, and run off with all the money they could finagle out of it? And not be discovered for months or years later?

Or would you rather have it public, so that The People know about it and can take action against it?

No, you are quite wrong. This WAS the right thing to do.

Re:Cool, that'll show 'em (0)

Anonymous Coward | about 2 years ago | (#41131515)

lol, you're a drama queen. It's like when all those other credit card accounts that got hacked and their credit scores went to crap, right? right?

Re:Cool, that'll show 'em (1)

phantomfive (622387) | about 2 years ago | (#41131529)

millions of lives ruined as their credit goes to pot, countless hours and days of effort spent to try and recover, thousands of dollars of extra interest payments now their credit score has been dropped down, potential bankruptcies and divorces and split households from the stress...

Why do you think any of that will happen? I think you're making stuff up.

Re:Cool, that'll show 'em (3, Interesting)

vlm (69642) | about 2 years ago | (#41131573)

millions of lives ruined as their credit goes to pot

Yeah, how does that work? I've seen this quite a few times in the comments already, and I'm not arguing they're doing the right thing, I'm not arguing no one will be hurt or its not annoying, but I have no idea how your credit gets ruined because someone steals your docs.

I'm old enough to have gotten a couple car loans and mortgages and I've seen my reports, you can request a copy online although its a modestly annoying task.

They are unexpectedly interested in how long the account has been opened (I was surprised to learn that, my guess is its a legal proxy for knowing your age). They're extremely excited about your monthly payment record over the past couple years. They seem interested in default/fraud/NSF-bounce issues in the past couple years. They really like to tabulate your current balance and all kinds of ratios based on those balances as a fairly pointless snapshot. I'm just not seeing a section of the report "number of times account info released by anonymous", perhaps with a graph or something like that.

My wife got her CC stolen probably online, no big deal, bank was nice about it all, no cost to us, doesn't show up on any report that we've seen since. My mom got her info stolen and a truck purchased in her name and driven across the .mx border, again no problem.

So humor me with what an organic chemist would call a reaction mechanism. A droplet containing your bank account number is dropped into the fetid test tube that is the internet and the reaction begins with... I'm looking for a model of how this supposed "destruction" happens? I'm hearing this is financial ebola, but only experienced and heard of a sniffle in similar cases. I'm interested in how this destruction happens.

Re:Cool, that'll show 'em (2)

Sarten-X (1102295) | about 2 years ago | (#41131755)

The credit record is damaged like any other identity theft: Incrementally.

Looking at a few of the leaked details, I see full names, phone numbers, passwords, and answers to verification questions. With knowledge of your bank accounts, anyone can call the person directly claiming to be a representative from the bank, and ask a few security questions. Then they can use the answers to convince the bank to release more details, under the pretense of "verifying some old records". Attackers can build up enough facts and details to open a credit card or get a loan in your name, then run off with the money. Then that monthly payment record that's so exciting turns sour fast, and even if the creditor is helpful in clearing up the fraud, the theft is noted in your fraud history.

It's amazing how much information people will gladly give away to someone claiming to represent their bank who already knows a few details.

A lot of the damage depends on how willing the creditor is to take the loss. Not all banks are "nice about it all", and it's entirely at their discretion what history end up on your report.

Re:Cool, that'll show 'em (1)

Xest (935314) | about 2 years ago | (#41131975)

"Score against the people they're standing up for (the public) - millions of lives ruined as their credit goes to pot, countless hours and days of effort spent to try and recover, thousands of dollars of extra interest payments now their credit score has been dropped down, potential bankruptcies and divorces and split households from the stress...

What a bunch of jackasses. Maybe these people should think who they're really hurting once in a while."

Hi, in the UK we have sane banking laws whereby if something like this were to happen to you and you were to get a bad credit score as a result and company giving said bad credit score did not work to reverse this reputation they had given you you could claim a fair amount of compensation.

I don't know what fucked up country you live in, but the fact that this can't actually happen in the UK is evidence enough that your theory that the hackers are responsible for ruining lives is completely ass-backwards and it is in fact inept governance, coupled with perhaps corporate lobbying against such laws by banks against consumer protection that is the fundamental fault.

I had my card details stolen from an online retailer once, and they were used to buy 300 euros of mobile phone credit in Italy within an hour of me taking cash from a cash machine in the UK. This is despite my bank blocking a £720 transaction for a high end monitor from a well known online retailer once, simply because they felt it was a dodgy looking transaction for some god unknown reason. I'm far more angry towards the retailer who obviously allowed my details to be leaked, and the bank for allowing an impossible transaction despite having the ability to jump on other transactions (that were actually legitimate) and inconvenience me when it suits than I am the people who took and sold my details, but despite this it caused my no inconvenience, the bank had to shoulder the interest payments, my credit score didn't suffer one ounce, there was no bankruptcy, there was no split household, and frankly, there was no real fucking stress.

Honestly, either lobby your government, or move to a country where you are actually protected as a consumer and not screwed over for a company's fuckup if it bothers you that much.

what is the point? (0)

Anonymous Coward | about 2 years ago | (#41131421)

What is the point of these efforts? It's generally accepted that systems can be compromised. You aren't helping the issue by making it more obvious to the general public through scare tactics. Why not just burn a bunch of houses to ground in protest? that should get some media coverage. So what if a few are occupied they should have invested in better smoke detector security.

Big Picture. (0)

Anonymous Coward | about 2 years ago | (#41131431)

It's all about the big picture.

With data like this--just emails tied to businesses--even the little guy can start making connections. Without those connections being apparent, Big Business can simply do what they've done for centuries--operate behind closed doors to the detriment of those that remain outside. Posting the information the way it has been, I can Google someone's email address, perhaps a potential business partner, and see what other businesses they have been interacting with and base my decisions on that.

The point is that governments, employers and corporations already do this with OUR data--it's high time we were given the power to do the same. Releases like this--that open the doors to back-room deals--serve to balance the scales between individual rights and everything else.

Yay for the little guy.

Did anyone look at these "dumps"? (4, Informative)

TheRealMindChild (743925) | about 2 years ago | (#41131559)

Seriously, has anyone actually looked at these so called "dumps"? Most of them are a single field from a table, with no relational data to associate the bits. I see email addresses with nothing else. I see [email] addresses with nothing else. I see First and Last names, but nothing else. Phone numbers... the same. Then there are loads of obvious blog style records that is used to populate their "news" and such sections (which are obviously on their front page anyway). Where is the damage?

Re:Did anyone look at these "dumps"? (0)

Anonymous Coward | about 2 years ago | (#41131617)

It looks like everyone else is to busy bickering over the morality of the whole issue to notice.

Re:Did anyone look at these "dumps"? (1)

Anonymous Coward | about 2 years ago | (#41131619)

The dump is a load of crap. What they must have done for about 6 months is automatically grab whatever could be hit by some simple vuls and then issue a big swinging-dick advertisement. For example, the "MIT" one is MIT materials science department, the "CIA services" one is a community management company with the initials CIA. Half the pulls look like wordpress databases or some mail merge stuff. If they hadn't labeled the stuff so deceptively, nobody would care.

Re:Did anyone look at these "dumps"? (1)

Anonymous Coward | about 2 years ago | (#41131639)

Oh yeah, also a bangladeshi bank, a cypriot tourist office, and some random left-wing european party. Classic script kiddie crap really - don't announce what you're attacking. Find what's vulnerable and shout about it after the fact.

Yeah, They Look Like Garbage ... (5, Interesting)

eldavojohn (898314) | about 2 years ago | (#41131753)

Seriously, has anyone actually looked at these so called "dumps"? Most of them are a single field from a table, with no relational data to associate the bits. I see email addresses with nothing else. I see [email] addresses with nothing else. I see First and Last names, but nothing else. Phone numbers... the same. Then there are loads of obvious blog style records that is used to populate their "news" and such sections (which are obviously on their front page anyway). Where is the damage?

I've looked at over 20 so far and all have been absolutely worthless. Even the ones that didn't hash their passwords (BookData? what site is that, can't even find their landing page and all the logins look to be JP e-mail addresses) I can't find where I'm supposed to log in. Furthermore, some of these look like some automated testing software when I see rows like:

| NULL | NULL | 1031 | 1' and '7'='2 | false | !S!WCRTESTINPUT000003!E! | NULL |

| NULL | NULL | 1033 | 99999999 or 7=2 | false | !S!WCRTESTINPUT000003!E! | NULL |

| NULL | NULL | 1032 | 99999999 or 7=7 | false | !S!WCRTESTINPUT000003!E! | NULL |

Those two filled in columns are username and password by the way. So I'm going to say there's three possibilities:

1) these are completely fabricated tables mixed in with (like you noticed) front page public news items and HTML to make them look authentic.

2) these are legitimate but just plain crappy sites. How is it that they only get ~1200 user records from a site unless the site is so worthless that it only has 1200 users?

3) they have everything. They have sensitive stuff but what they've done is show the targets that they have been compromised by releasing only the sensitive data that won't hurt the small users. Since they are publishing the structure of the databases and the targeted entities know that if you have access to that structure, you have/had access to all of the many user information.

I can't believe Teenfad hashed their passwords but some of these other seemingly more sensitive sites didn't. Who the hell is storing plain text passwords in a database!? Well, I guess we have a list of worthless sites that do it now.

Re:Did anyone look at these "dumps"? (1)

mi_cuenta (523267) | about 2 years ago | (#41131765)

Mod Parent UP. I took a look at about 20 of the "Dumps", they are pieces of uncorrelated information, tables of web pages served dynamically, a few emails from visitors, a few uncorrelated phone numbers, etc. Nothing usable, and definitely nothing anyone worth the name "hacker" would be proud of.

cia services appears to be a HOA (0)

Anonymous Coward | about 2 years ago | (#41131567)

http://ciaservices.com/ [ciaservices.com]

unless it's just a really well concealed CIA front of course.

i have to dump a megaton turd (-1)

Anonymous Coward | about 2 years ago | (#41131607)

im a toilet hacker about to ddos the sewage, bitches

Its really all rather abstract anyways. (0)

3seas (184403) | about 2 years ago | (#41131643)

Money - the abstract representation of value intended to ease trade was never meant to be so manipulated with ever higher levels of abstraction as it has been. In essence its been turned into an abstract tool to transfer real value deceptively.

What other field do you find abstractions? How about the concept of religion/philosophy, Government/kingdoms, Intelligence/military, and of course Economy/financials.... but there is one other.... computer programming. So among other article currently on slashdot you have this one, the story about how damn much money is in the programming industry and one about spying and control of anything that has computer technology in it...

Abstraction abstractions, who got the next one or the meaning change file of double and triple speak?

Population drive change. Today we have over 7 billion people... and yeah.... we are going through a evolutionary change... and its not the first time.

But this time we are all getting tired of the liars and cheats.

Crackers? (0)

Anonymous Coward | about 2 years ago | (#41131671)

Wasn't this a computer equivalent to a bank safe break in?

nee (2)

trudyscousin (258684) | about 2 years ago | (#41131739)

The motivation behind the hack, the group claims, is to protest against banks, politicians and the hackers who have been captured by law enforcement agencies.

(emphasis mine)

Yeah, I'd be protesting against those stupid hackers too. I mean, they got caught? Horrors!

Is no one proofreading these submissions?

Oh teeeheeehehe I support this.... (0)

Anonymous Coward | about 2 years ago | (#41131793)

Wait.. thats my account details... no no burn them in jail!

Yeah. bunch of morons who support this ONLY when it's not THEIR account.

No. (1)

Scorch_Mechanic (1879132) | about 2 years ago | (#41131809)

TeamGhostShell, a team linked with the infamous group Anonymous

No.

This is the single most inflammatory and weaselly-worded sentence in the article, and it's the first frigging one.

Perhaps it's pedantic by this point, but I am tired of stupidity like this and I'm just irritable enough right now to attack some misinformation.
"Anonymous" is not a group. It's not a collective. It's not even an "it". Anonymous is synonymous with "the masses", with a specific connotation of anonymity and being on the internet. I'll grant that XxXTeamNameChosenByMiddleSchoolersXxX is a "member" of anonymous, but that's like saying that Barack Obama is a "member" of the human species, it doesn't mean anything useful.

Stop doing this.

Re:No. (4, Insightful)

VortexCortex (1117377) | about 2 years ago | (#41132131)

I disagree. While I completely understand what you're saying, I think that we should be associating every breach of law with Anonymous. In the short term it makes the name seem more powerful, and the police state can convince us it needs to limit more freedoms to catch members of Anonymous. Over the long term it points out the ridiculousness of hunting down anyone as a "terrorists" simply by labelling them "Anonymous".

Look, it's going to get worse before it gets better. I'd have rather had a better name to rally under when the time comes for that, but one makes do with whatever planet one's on, eh? The sooner it's made apparent to the common folk that "Anonymous" means "average citizen", the better.

Are you now or have you ever been a member of Anonymous?

Protest against what? (0)

Anonymous Coward | about 2 years ago | (#41131833)

"The motivation behind the hack, the group claims, is to protest against banks, politicians and the hackers who have been captured by law enforcement agencies."

Banks, politicians, and hackers were captured by law enforcement agencies?

Pro Under-The-Mattress Hackers? (1)

adosch (1397357) | about 2 years ago | (#41131903)

As much as I'd like to claim same-shit-different-group on this one, what exactly are they protesting? Generally against banks because...you like to keep your money in the place place you stash your Playboy so mom doesn't find it?

Security is inconvenient (1)

erroneus (253617) | about 2 years ago | (#41131909)

... so let's not do that.

Security requires thoughtfulness, planning, good practices and a lot of things they just don't want to do. These are the consequences of bad security.

That there is dirty laundry or information which might be considered controversial or damaging is another matter.... also too bad for them. But if these targetted parties are learning anything at all, it is that tighter security is important so they don't get caught. They are not learing they shouldn't do things which might look bad if they are exposed.

Is there ANY so-called "hacker group"... (0)

Anonymous Coward | about 2 years ago | (#41132125)

... that ISN'T "linked to Anonymous"? I don't know who's the most retarded anymore: their stupid followers or the media.

Also, FYI, the correct term is "terrorists". Not hackers. Get your fucking facts straight or I'll come over and shit in your faces, you dumb nigger donkeys.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...