Some cybercrime reports out of Germany in the past 48 hours (translated):
The city administration of Ebeleben was the victim of a massive hacker attack on Wednesday. All servers are out of order, it says from the town hall. For this reason, the city administration will remain closed until Tuesday, March 16, inclusive.
Read more on Thüringer Allgemeine
Elsewhere, SEO-Küche, an agency for search engine optimization, web shops and web design, reportedly had a misconfigured backup that exposed 7.4 GB of data. The leak was found by a researcher who contacted c’t magazine, who confirmed the exposure and reported (translated):
The company had over 200 employees managed in the database – more than 100 of them were still employed there, the others had left the company according to the data records. The private address, contact details and weekly working hours were stored for each employee. Vacation planning and time recording also took place in the database. Apparently, the clock was stamped in and out online and, in addition to the time, the IP addresses were also logged when the time recording was used. Missed days also ended up in the system. In addition to the employees, more than 200 media consultants were busy acquiring customers for the company.
The customers were also neatly managed here – from the first conversation to invoicing, the database contained everything that a customer relationship had incurred. A total of 5118 address data records were in the database.
And yes, passwords were in plain text.
Read more on c’t magazine.
All via the always-wonderful @Chum1ng0.