Human Rights Foundation Website Hacked Using SQL Injection And Thousands Of Accounts Exposed

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

The Hungarian Human Rights Foundation website was hacked with SQL injection by Kapustkiy and CyberZeist. They managed to get access to over 20,000 accounts by this data breach.

Kapustkiy told that the data breach was possible with a SQL injection, which provided him with access to databases that included thousands of accounts and personal information which includes phone numbers and home addresses. However some of the accounts accessed were related to the US government (using the @state.gov suffix).

capture

According to the Softpedia reporters, he told them that he already contacted them to report the flaw and the security team said it would investigate the breach, but for the moment, the website still appears to be up and running.

This is not the first time, Kapustkiy found several other vulnerabilities in high-profile websites, including one that allowed him to infiltrate into an Italian government website and access details of thousands of users.

As usual Kapustkiy decided to leak only part of the accounts and give IT administrators more time to fix this issue. However now the website if down with a message “Down For Maintenance. Sorry for the inconvenience, but we are performing a maintenance at the moment.We will be back online shortly!”

capture

The following two tabs change content below.

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

Leave a Reply