DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

And then I stumbled across these hacks by Zyklon

Posted on February 3, 2015 by Dissent

Seen on Pastebin, dated January 15:

Hacked By Zyklon #Wonkasec

WonkaSec Temp Homepage: http://trippletoaster.freeiz.com/Index%285%29.html
 Twitter: http://twitter.com/zyclonb4u
Website Hacked: http://soviethistory.macalester.edu
                Very small portion of the accounts, the other 90,000+ will be posted here: http://trippletoaster.freeiz.com/DbDump.php
The accounts with .edu emails are most likely professors, if you are in college and want to possible find youre professors lingin (sic) information check the full Dump and hit “ctrl. f” to type in the wanted name and it will come up if its in the database.
Enjoy 😉
What follows the message are 3,634 entries with first and last name, username, plaintext password, email address, and administrator status. The link to the full dump produces an error message here, which may save some people’s personal information from being leaked to even more people, but the Pastebin entry with over 3,600 individuals’ information is still online.
The Macalester.edu subdomain that Zyklon hacked was a resource for studying Russian culture and history and was open to anyone who was interested in the topic. The subdomain currently shows this message:
Disaster hit Seventeen Moments in Soviet History on January 15 in the form of a nasty hacking job. The hackers gained access to registered user information, including passwords. Our hosts have shut down the site to protect themselves and the other sites they host from similar invasions. At present we do not know when the site will be up and running, but we are working on a new version of the site that will be secure from such attacks. We appreciate your patience while we work on repairing the site.
If you ever signed up for that site and if you re-use passwords across sites, change your password(s) on other sites now. Even if your name doesn’t show up in a search of the Pastebin paste, it was likely available on the Internet at some point on or around January 15.
But the Macalaster hack wasn’t the only hack Zyklon announced that week. Zyklon also announced a hack of BigBlueInteractive‘s forum, and posting this screencap of the forum’s message about the incident:
BBI
A paste that Zyklon made on Pastebin about the hack has since been removed, so it is not clear whether and how much data were dumped from that hack.
Zyklon also announced a hack of aquamarineboat.com, a site that sells inflatable boats, and dumped what appear to be 2,060 user/customer first and last names, postal and email addresses, and plaintext passwords. DataBreaches.net sent the site a notification today to suggest they get the paste removed and contact their customers to alert them to change their passwords if they re-use passwords.  I probably should have also suggested they secure their site better, but I hope that would be obvious.
And then there was pumpsforless.com, who had approximately 460 users’ email addresses and plaintext passwords dumped in a paste by @Wonkasec on January 5th, although it’s not clear whether Zyklon was directly involved in that one. That website, too, has been notified today by DataBreaches.net.

No related posts.

Category: Business SectorEducation SectorHackU.S.

Post navigation

← Ex-RadioShack worker accused of stealing nude phone photos
The FTC’s requested budget: implications for data security enforcement cases? →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • DOJ investigates ex-ransomware negotiator over extortion kickbacks
  • Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns
  • One in Five Law Firms Hit by Cyberattacks Over Past 12 Months
  • U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware
  • Senator Chides FBI for Weak Advice on Mobile Security
  • Cl0p cybercrime gang’s data exfiltration tool found vulnerable to RCE attacks
  • Kelly Benefits updates its 2024 data breach report: impacts 550,000 customers
  • Qantas customers involved in mammoth data breach
  • CMS Sending Letters to 103,000 Medicare beneficiaries whose info was involved in a Medicare.gov breach.
  • Esse Health provides update about April cyberattack and notifies 263,601 people (1)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Oregon Amends Its Comprehensive Privacy Statute
  • Wisconsin Supreme Court’s Liberal Majority Strikes Down 176-Year-Old Abortion Ban
  • 20 States Sue HHS to Stop Medicaid Data Sharing with ICE
  • Kids are making deepfakes of each other, and laws aren’t keeping up
  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.
Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report