32 edu sites all vuln to the same sql injection vuln….. this is going to be fun
— abdilo (@abdilo_) February 2, 2015
and
.@jessysaurusrex@g33kspeed@sambowne to put your mind at ease here is the amount in all the dbs together from the 0day sqli: 9,468,248
— abdilo (@abdilo_) February 2, 2015
If/when he posts a dump of the institutions, DataBreaches.net will report it.
You’ve seen Abdilo’s name on this blog before, and this is not the first time he’s targeted educational institutions, although he doesn’t confine himself to educational institutions, as this hack of a travel insurance company and his posting yesterday of multiple NHS vulnerabilities demonstrates.
The sites are pasted: http://pastebin.com/yyhT6tzc