TeaMp0isoN is back — This time with a new approach and a new hack
TeaMp0isoN, a grey-hat security research collective, managed to breach the Business Class Customer Support Portal of TWC (Time Warner Cable) with SQL injection attack.
The hackers not only defaced the website but also snatched database comprising of over 4,000 records. The records included usernames, encrypted passcodes and email addresses.
TWC was quick to respond to this hack attack, which occurred on February 28th, 2016. The official website of TWC according to SoftPedia displayed this message:
About WC Business Class:
WC Business Class is the name of a managed security solution. It provides security software such as anti-virus, anti-spyware, mobile VPNs and firewall. It also offers content filtering and interruption prevention services. The main users of this internet-enabled security center are US-based enterprises. It must be noted that WC Business Class provides software to high-profile clients. Therefore, it can be assumed that the data occupied from this breach must be extremely valuable for the hackers. Such kind of information is in great demand at the Dark Web.
The Announcement from TeaMp0isoN:
TeaMp0isoN acknowledged the breach in an official announcement on Twitter and praised the team members Jimmy, Pesudo, Militis and MLT for the defacement of TWC Business Class homepage. The tweet was then removed. The group also mentioned that they managed to access the TWC backend through an SQL injection defect. Though TWC has implemented a custom backend, it is true that currently SQL flaws are quite common everywhere even in custom-coded platforms.
It seems that the hackers aren’t interested in making money from this data because, in their message, they stated that they have dumped it online. Currently, the link wasn’t working but as per DataBreaches.net, it is true that around 4,191 records have been dumped during mid-January.
TeaMp0isoN was originally founded by Trick aka Junaid Hussain who later joined the ISIS or Daesh terrorist group and killed in a drone strike last year. However, the hackers who breached TWC servers claim they are not affiliated with any terrorist group including Daesh.
TeaMp0isoN is NOT affiliated with ISIS. This pastebin statement should clear any misconceptions up – https://t.co/XI2y7oEjy3
— TeaMp0isoN (@TeaMp0sioN) February 27, 2016
This is not the first time when Time Warner has been hacked. In the past, NullCrew hacked the company’s website against Copyright Alert System. In January this year, user data of over 320,000 accounts with Time Warner Cable were stolen when a hack led to details like email ids and passwords to be compromised.