Team Ghostshell leaked 1.6 million accounts on pastebin today. According to the dump, the leaked accounts belong to “aerospace, nanotechnology, banking, law, education, government, military, all kinds of wacky companies & corporations working for the department of defense, airlines and more.” The companies included in the dump (names listed taken directly from the readme) included The European Space Agency, NASA’s Engineers: Center for Advanced Engineering, Crestwood Technology Group, Bigelow Aerospace, California Manufacturers & Technology Association, Aerospace Suppliers, World Airport Transfers, General Dynamics Defense Systems, Zero-Max, MicroController Shop, Jp Chem eData, Human Security Gateway, NanoConference, Hamamatsu, HMI CronPowder, Texas Bankers, and more.
The attacks were in response to this week’s International Telecommunication Union meeting which Ghostshell feels will turn the Internet into a “governmental police-state”.
Ghostshell noted in the dump that they have notified several of the victims via email:
“We’ve sent an email (from firstname.lastname@example.org) to the following: ICS-CERT Security Operations Center (email@example.com) Homeland Security Information Network (HSIN) (firstname.lastname@example.org) Lessons Learned and Information Sharing (LLIS) (email@example.com) FBI – Washington Division (firstname.lastname@example.org) FBI – Seattle (email@example.com) Flashpoint Intel Partners (firstname.lastname@example.org) Raytheon (email@example.com) Since NASA is also mentioned there, we also sent it to (firstname.lastname@example.org) which turned out to be the email address of Langley: http://www.nasa.gov/centers/langley/about/contact.html And finally to (email@example.com) who apparently is working for the Technical Reports Servers. (Updated* Forgot to mention that the email will also contain another 150 vulnerable servers from the Pentagon, NASA, DHS, Federal Reserve, Intelligence firms, L-3 CyberSecurity, JAXA, etc. consider it an early Christmas present from us).”