Hacker collective Grey Security, @Gsec_ yesterday released a dump of accounts from the Thai Travel Center website (https://www.thaitravelcenter.com) which hosts a bunch of services and information aimed at helping out people who are travelling around Thailand. The leak has been announced on twitter and posted to pastebin. > Grey Security @gsec_ Thai Travel Center #OWNED – https://pastebin.com/FFUEQshh –#ForTehLulz? #GSecsBackBitch. @TruthIzSexy @Cyber_War_News@An0nPun1shm3nt
the leaked data contains 3 different lots of account data, one lot belongs to the staff and contains usernames, emails and a very common password "3088333" which appears to be the same for most staff accounts. Other data leaked is a list of 1400 user credentials for the sites login which contain usernames, emails and clear text passwords. the leak also has a few SMTP account details which also use the same password as the staff accounts. So as we can see this website has not attempted to implement any security what so ever and its no great surprise they have fallen victim to hackers. https://ozdc.net/archives.php?aid=4239 https://pastebin.com/FFUEQshh