A hacker going by the handle of Epoch has hacked and now leaked a bunch of accounts from the The Economic Development Association (Scotland) edascot.org.uk. In the release Epoch states they attempted to notify and fix this exploit and they have failed to do so and as a result Epoch has now leaked the data. This should come as a lesson to webmasters who are lucky enough to be told about the exploits in the systems they run by hackers who target them that when a hacker contacts you and offers to fix exploits they have found, take that offer and fix your sites.
Hello guys, I recently hacked Economic Development Association of Scotland and extracted 750-1,000 user accounts for businesses complete with user names and passwords. The administrators user name and password combination are both custom CMS hashes, so if you manage to crack it – congratulations. Login to the administrators panel through edascot.org.uk/admin with the username: 672489 and the password: 6e29482e1dbdcb9f. Here are the other usernames and passwords I extracted. I offered to fix this sites security for them and provided them with an ultimatum. They did not patch their security on their own within 30 days so I am doing what I promised I would do.
The leak has resulted in a few hundred accounts with encrypted passwords being leaked. Leak:https://pastebin.com/xsaWMiGz