The Australian Nuclear Science and Technology Organization (ANSTO) was breached by hackers who stole scientists’ usernames and passwords.
The Register reports that systems hosting the web portal was targeted, this is what is used by researchers from ANSTO and other third parties, the hackers managed to steal usernames, email addresses, and hashed passwords.
An email that was sent to users of the Australian Synchrotron User Portal suggests the attack occured on January 27, but there is no further mention of how the hackers got in. Users are advised to change their passwords. It is not currently known which hashing algorithm was used to one-way encrypt the passwords, fingers crossed it’s not the depressingly popular MD5 algorithm
If the passwords were to be cracked, any who have reused the same password and email combination on other websites could lose control of those accounts too.
It should be clarified that the database is isolated from the nuclear reactor that’s also on the campus where ANSTO is located.
