Add the National Accountable Care Congress to this week’s list of hacks. A dump of almost 900 users’ information includes their usernames, first and last names, e-mail addresses, company, city, state, and zip, password, and their join date and expiration date for their account – all in plain text.
SLC Security, which first reported the breach, notes that data are showing up on other sites as well as a common dump site where this blogger found it.
DataBreaches.net attempted to reach the Accountable Care Congress via its online submission form to alert them to the claimed hack, and will update this post if a response is received.
The data dump was posted today by someone calling himself/themselves “Absorb,” but the site had been reported as vulnerable back in July and then again in November of 2014 on crdpro.su. Another hacker, “Hamid,” also claimed to have hacked the site, but the site where that claim is posted is not available at this time, so it’s not clear when that might have occurred.