It appears the University of Queensland has either been hacked by “Nightmare Squad” or the group leaked some data that was easy to find.
@NightmareSquad describes themselves as an “#Anonymous blackhat team fighting for the people of South America.” Their Twitter account has recently announced a number of hacks in Brazil, including some government sites. I tweeted them an inquiry as to why they got involved in an Aussie site, but have received no response so far.
A paste exposes 9 individuals’ e-mail addresses and clear-text passwords. Whether the passwords were stored in the clear or were cracked was not made clear. Nor did Nightmare Squad indicate how they attacked the site or found the data.
Last night, DataBreaches.net sent the university an e-mail notification to alert them to the breach, but has received no acknowledgement as yet, so I tweeted the uni’s Twitter team this morning, who may not even see it if it’s not normal business hours there.