Seen on Pastebin, dated January 15:
Hacked By Zyklon #Wonkasec
WonkaSec Temp Homepage: http://trippletoaster.freeiz.com/Index%285%29.htmlTwitter: http://twitter.com/zyclonb4uWebsite Hacked: http://soviethistory.macalester.eduVery small portion of the accounts, the other 90,000+ will be posted here: http://trippletoaster.freeiz.com/DbDump.phpThe accounts with .edu emails are most likely professors, if you are in college and want to possible find youre professors lingin (sic) information check the full Dump and hit “ctrl. f” to type in the wanted name and it will come up if its in the database.Enjoy
What follows the message are 3,634 entries with first and last name, username, plaintext password, email address, and administrator status. The link to the full dump produces an error message here, which may save some people’s personal information from being leaked to even more people, but the Pastebin entry with over 3,600 individuals’ information is still online.
The Macalester.edu subdomain that Zyklon hacked was a resource for studying Russian culture and history and was open to anyone who was interested in the topic. The subdomain currently shows this message:
Disaster hit Seventeen Moments in Soviet History on January 15 in the form of a nasty hacking job. The hackers gained access to registered user information, including passwords. Our hosts have shut down the site to protect themselves and the other sites they host from similar invasions. At present we do not know when the site will be up and running, but we are working on a new version of the site that will be secure from such attacks. We appreciate your patience while we work on repairing the site.
If you ever signed up for that site and if you re-use passwords across sites, change your password(s) on other sites now. Even if your name doesn’t show up in a search of the Pastebin paste, it was likely available on the Internet at some point on or around January 15.
But the Macalaster hack wasn’t the only hack Zyklon announced that week. Zyklon also announced a hack of BigBlueInteractive‘s forum, and posting this screencap of the forum’s message about the incident:
A paste that Zyklon made on Pastebin about the hack has since been removed, so it is not clear whether and how much data were dumped from that hack.
Zyklon also announced a hack of aquamarineboat.com, a site that sells inflatable boats, and dumped what appear to be 2,060 user/customer first and last names, postal and email addresses, and plaintext passwords. DataBreaches.net sent the site a notification today to suggest they get the paste removed and contact their customers to alert them to change their passwords if they re-use passwords. I probably should have also suggested they secure their site better, but I hope that would be obvious.
And then there was pumpsforless.com, who had approximately 460 users’ email addresses and plaintext passwords dumped in a paste by @Wonkasec on January 5th, although it’s not clear whether Zyklon was directly involved in that one. That website, too, has been notified today by DataBreaches.net.