TeamPoison Busts Into The UN, Leaks Passwords

The tech security gurus at the United Nations just got quite a startle: A team of hackers posted about 1000 login credentials for United Nations staff members on PasteBin. Apparently a large number of the passwords were simply blank. Seriously, guys? After LulzSec?

The hackers at TeamPoison reportedly exploited a security vulnerability on the UN Development Program website to obtain the usernames and passwords of UN staff. The group's post on PasteBin accuses the UN of a long list of crimes ranging from mundane corruption to more existential transgressions like trying "to facilitate the introduction of a New World Order and a One World Government" which would necessitate crushing human individuality. Sheesh.

TeamPoison previously hacked RIM's blog to and leaked Tony Blair's private address book. In a separate story this morning, Team Poison has publicly teamed up with Anonymous to launch a hacking operation against banks. [Naked Security via Techmeme]


    Geezzz these geniouses never learn...

    "a One World Government" and there's something wrong with this?... I'm sick of the crap that flies because there are so many differentials in the global political theatre..

    So some of those passwords are blank, while others are 2-4 letters. When public email providers require a more secure password than you use at the UN, something has gone wrong...

    *sigh* I can't believe how many databases are still out there that store passwords. Seriously it's just asking for trouble.

    Take password (of any length greater than 12 and with any type of character), add salt, hash it, store the hash.
    Then the best that hackers can take from your db is just a list of hashes, which can't even be rainbow tabled back into passwords unless they also have your salt and use it to then generate the tables themselves which would take a bloody long time and a huge amount of space!

    Seriously network admins it's not that hard!

Join the discussion!

Trending Stories Right Now