Some hack for a reason, some hack for no reason and some hack to teach others a lesson — This hack is to teach bad admins a lesson.
A hacker going by the handle of “Websites Hunter” on Twitter breached into the server of Kuwait Automotive Imports Company (Kaico.net) and stole personal details of 10,000 customers on Sunday.
The hacker uploaded stolen data on file sharing website Maga.nz and posted its link on PasteBin. Although Websites Hunter did not mention the reason behind this breach but his Twitter bio can be taken as a reason according to which he hacks sites to“make unqualified IT pay the price of being ignorant.”
Read: Kuwait’ Ministry of Internal Affairs Website Hacked, hacker demands interference in Syria
KAICO – #Kuwait Automotive Imports Co. website (https://t.co/Dhsxivstik) #hacked https://t.co/qb4bms6DkE
— websites-hunter (@websiteshunter) August 28, 2016
Data analysis:
HackRead requested the breach notification and data mining company Hacked-DB to scan the data and below are their findings:
[q]Even the chassis numbers have been leaked[/q]
Upon scanning the leaked data, the researchers at Hacked-DB found it to be legit and never been leaked online before. The data includes personal identifiable information of more than 10,000 customers, their first and last name, email address, mobile, home and office phone numbers, administrators’ credentials with weak MD5 encrypted passwords. Another table holds the vehicle’s registration number, brand, model, year and even the chassis numbers. The most recent records were updated on August 20, 2016.
Leaked details of Kaico’s customers
Admins credential table
Must Read: Anonymous Sends Christmas Greetings to Kuwaiti Crown Prince by Hacking His Official Website
At the time of publishing this article; the leaked data was still available for download on Pastebin.
