Christmas has been fairly eventful so far and to keep things going Turkish Ajan (Agent) Hacker Group member @Maxn3y has just contacted us with a breach on an automotive based website server. The breach is in Renault Bulgaria(renault.bg) sub domains and partner sites and has resulted in 6 defacements as well as thousands of emails from a newsletter and the administration accounts for dealerships around Bulgaria. The newsletter list contains 27,000 emails but only 6000 are not duplicated. The leaked admin accounts are in the format of usernames, user passwords and other site related information and all passwords are encrypted. The leak was uploaded to rapid share and is a 102kb compressed file with two txt files, one that contains the administration account details and the other contains the newsletter details. The defacement contains a a short message and a video as well as the common message we often see on the defacements done by @Maxn3y. List of sites defaced and the mirrors for them. – https://dacia.bg
- https://www.zone-h.org/mirror/id/18805975
- https://partners.renault.bg/index.html
- https://www.zone-h.org/mirror/id/18806110
- https://newsletter.renault.bg/index.html
- https://www.zone-h.org/mirror/id/18806109
- https://welcome.dacia.bg/index.html
- https://www.zone-h.org/mirror/id/18806111
- https://welcome.renault.bg/index.html
- https://www.zone-h.org/mirror/id/18806112
- https://configurator.renault.bg/index.html
- https://www.zone-h.org/mirror/id/18806108
Over the past year we have seen many other high profile attacks and data leaks from @Maxn3y, you can see them all here.