University of South Wales hacked and 22 Thousand Credentials Leaked by @Darwinare

A hacker who goes by the handle of @Darwinare has claimed to breach the server of University of South Wales( Australia) and leak over 22.5 k credentials of Students and staff on a website.

The hacker seems to be from Anonymous hacking group made the announcement on its official Twitter account.

 The dump contains usernames, logins,  date of births, staff & student Ids and plain-text passwords of the university staff and students.

@Darwinare also left a message and contact details on the leaked data, according to the the hacker:

I am not here to follow. Iam not here to lead! I am not here to follow. Iam not here to lead! I am not here to follow. Iam not here to lead!

Twitter: https://twitter.com/DARWINARE Skype: NoirComics Facebook: http://www.facebook.com/AnonymousMI Target: http://www.unsw.adfa.edu.au/ Info On Target:http://en.wikipedia.org/wiki/University_of_New_South_Wales *Reason: #HFF *Method: SQLi *Vuln: Back End DBMS.

The available databases are as follow:

available databases [23]:
[*] adfapeople
[*] adfapeople_test
[*] backups
[*] confluence
[*] hass_apss
[*] information_schema
[*] mysql
[*] network
[*] ojs
[*] sbus
[*] seit_courses
[*] seit_main
[*] seit_projects
[*] seit_support
[*] statdb
[*] test
[*] unsw_cmu
[*] unsw_hr
[*] unsw_research
[*] unsw_rrto
[*] wordpress
[*] wp_test
[*] wp_test2

Database: adfapeople
[12 tables]
+————+
| account |
| alias |
| cardax |
| course |
| directory |
| jobcode |
| lms_other |
| program |
| staff |
| staffAlias |
| student |
| webct |
+————+

While the complete list of username and passwords, along with the other leaked data can be found on:

 

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.