A new scandal is brewing. According to Harald S. Klungtveit and Anders Johansen Holth of Dagbladet in Norway, hackers have downloaded the entire database of 26,000 users of a sex-exchange (prostitution) site, Hemmelig.com. [Update: see the Comment below this post for a better description of the site; the commenter says that it is not a prostitution site.]
The hackers, who refer to themselves as Team Appunity, are reportedly threatening to release the entire database. A Google translation of the Dagbladet report reads:
We downloaded almost all files, including images, and almost the entire database with messages and user information. It was not well secured, it took us a maximum five minutes of “work,” writes one person with access to the base, to Dagbladet in an email.
The sex-hits your site is most of the approximately 26 000 users registered with a cell phone number. Many of the numbers can easily be connected to their real identities, along with thousands of intimate messages users have sent to each other.
Calls all the way back to 2005 – often on prostitution, unusual sexual preferences or prolonged infidelity – is part of the material. A large percentage of users appear to be clients whore, but many have only been looking for noncommittal sex without payment.
Dagbladet has previously written that content from Hemmelig.com can be traced to, among other politicians, officers in the military, people in the security industry, Captain, doctors, lawyers, celebrities and business leaders.
Read more on Dagbladet.
The hack was announced by the hackers this morning on Twitter:
A Google translation of the tweet indicates that they claim to be in possession of 28,642 users’ information (28,209 with telephone numbers and all with e-mail addresses), 376,602 private messages, and 3,588 images.
At the time of this posting, hemmelig.com has a message saying that the site is temporarily unavailable.
Update: As of Dec. 22, the database appears to have been published on at least one two three a number of torrent sites for download.
It is not so easy to get it published when politicians are involved. Someone i know got in real trouble when some info he obtained belonged to a Norwegian general. He didn’t even publish it and it wasn’t sensitive info, it was just personal information.
Actually, it’s very easy. Pastebin.com, for example.
I agree with the Admin. Hackers have no boundaries when it comes to the world. What may be grabbed from Norway can be published in any other country. I am sure they have some morals, and are smart about what will happen when this goes public.
If something like this hits the streets and there is any chance of the government or hired consultants being able to trace back to the hackers that did this, then I am sure the expense is not an issue.
There is a fine line here. How many have security clearances and work for the military? How many have families that simply will not tolerate this type of behavior? Can’t forget about that shining star politician that will probably be flushed next election.
I would be highly surprised if the investigation wasn’t already in full swing, and they are about ready to have doors busted in to catch the crew that did this.
It’s kind of crazy to think of it this way but, if THIS is what it takes to get a rise out of the security incident teams to go after hackers and straighten out the retail and government worlds, then so be it. A Large High Profile case is just what the world needs. That will make corporations heads turn and potentially think that the possibility exists that they may be next.
People get way too comfortable in an environment that is protected by “1’s” and “0’s”. A False sense of security, without knowing what type of security is on the inside/outside of an organization is like playing with liquid nytroglycerine. Whatever you put in a semi public domain may be exposed. Thats the bottom line.
This is just bullshit. Anyone who dares publish this list will get executed.
My bet is that it will be published on a dump site. Will the data dumpers/hackers be caught? I wouldn’t be surprised. But yes, I think if they have the data, they’ll post it. We’ll just have to wait and see, I guess.
It appears to be already up on the web.
It is mentioned in the above article, but I just would like to stress that the site was NOT a prostitution site. Yes, some prostitution have been facilitated through this site, but who knows which of those agreements resulted in action, which never did, and which only was some sort of roleplay. In addition, prostitution was legal in Norway several years after this site opened.
And many, many users never touched the subject of prostitution at all, but sought to meet other people for mutual pleasure. The cosequences of outing all this people, can be absolutely horrific. Broken families, broken careers, even suicide. Young girls, playing with the idea of selling sex, posting a less than serious ment ad … suddenly marked as a prostitute for life. Suicides will be very likely.
The government is, wisely so, dead scilent about this scandal, but I suspect that several agencies are working around the clock to minimize the effects of this crime. Lets just hope they can stop the planned phase 2 leak, thats when it would get really ugly.
Thank you for clarifying the nature of the site. I was relying on translations that are not always exact.