'SwaggSec' claims hack of China Telecom, Warner Bros.

04.06.2012
A hacking group is claiming to have breached the networks of Warner Bros. and China Telecom, releasing documents and publishing login credentials.

Swagger Security, or "SwaggSec," the breach Sunday on Pastebin, providing a link to the files on The Pirate Bay. The group has been active since early this year when it claimed credit for stealing user names and passwords for an ordering system belonging to the contract manufacturer Foxconn, which builds devices for technology companies including Apple.

SwaggSec said the China Telecom data is 900 user names and passwords for administrators on the company's network. The information was obtained through an insecure SQL server, SwaggSec said in its post. The group said it notified China Telecom of the hack by planting a message in the company's network. The SQL server was moved but not fixed.

"Fortunately for them, we did not destroy their infrastructure and rendered millions of customers without communication," SwaggSec said in a note accompanying the data.

The Warner Bros. data includes a report marked "confidential" and titled "Content Security Status Update" dated the week ending April 27. It is an evaluation of the company's websites, including the top 10 sites with the most open medium-risk vulnerabilities. It also lists the top 10 medium to high-risk vulnerabilities on its networks, with the top two being cross-site scripting and unsupported SSL.

If accurate, the data would provide a would-be hacker a strong start to begin probing Warner Bros. websites. The bundle of data included other documents, some of which are dated 2007.