After Anonymous had leaked multiple Turkish government sites to The Pirate Bay, the group switched to hacking and dumping material from Booz Allen, a military and government IT consulting company. They exposed nearly 90,000 emails, an SQL database, and some other miscellaneous information from the servers associated with the organization.
The latest dump within the frames of AntiSec campaign was called by Anonymous “Military Meltdown Monday” and was posted to BitTorrent tracker website The Pirate Bay, like all the rest. The hacker group in charge released a statement, introducing their new target: Booz Allen Hamilton.
The targeted company is engaged into contractual work completed on behalf of the US federal government, mostly on defense and homeland security issues, as well as limited engagements of foreign governments specific to American military assistance programs.
So, considering the area of their work, one would expect them to care about security. However, they didn’t.
Hackers managed to infiltrate a server on their network that actually had no security measures in place, where they were even allowed to run their own application. As a result, the list of nearly 90,000 military emails and password hashes were exposed, as well as complete SQL dump. In addition, Anonymous accessed the company’s svn, stealing 4GB of source code, though it was considered simply insignificant and a waste of valuable space.
Aside from the above mentioned info, hacktivists found some related information on various servers they got access to after finding credentials in the targeted system, so they added everything that could be interesting. Finally, the hacker group found maps and keys for different other servers of government agencies and federal contractors, which is supposed to keep them busy for a while. The total dump is around 130MB in size, and it is quite interesting to see its fallout.
The reason for targeting this particular service was explained in an additional statement. Anonymous cited multiple high profile cases of conflict of interests and questionable tactics employed by the organization. But the most interesting part of the statement was an invoice for their audit of the company’s security systems, which Anonymous enclosed to the statement. The bill totaled to farcical $310.00, but Booz Allen would be unlikely willing to pay up.