A hacker affiliated with Anonymous claims to have broken into the websites of 18 Italian universities from where he extracted sensitive information.
The hacker who uses the online handle of LulzStorm, a reference to the defunct LulzSec hacking outfit, has uploaded part of the stolen data in a torrent.
“Today is a great day for us all, and a very bad one for italian universities. Their sites are full of weaknesses. Some of them even think being secure, so they don’t mind hashing their passwordz,” he writes.
Indeed, password hashing has been the standard in web development for years now and there is no excuse for not using it, especially on websites that deal with other people’s information.
“And you, Italian people, are giving all your data to idiots like these? Is it a joke? Change your passwordz, guys. Change your concept of security, universities.
“We could have leaked much more. We could have destroyed your db and your network. Were you ready for this?” LulzStorm adds.
The hacked websites include unisi.it, unisa.it, uniroma1.it, anotonianum.eu, econoca.it, uniba.it, unibocconi.it, unifg.it, unime.it, unimib.it, uniurb.it, unibo.it, unipv.it, unina2.it, unile.it, polimi.it, unito.it, and unimo.it.
The reason for hacking university websites is not clear. It could be in retaliation to the actions of the Italian police which two days ago arrested three suspects believed to coordinate the local Anonymous chapter.
The hacktivist collective is also currently engaged in a hacking campaign called Operation Antisec, however this is supposed to only target corrupt governments and associated organizations.
Security researchers have already dubbed 2011 the “year of hacking” because of the many compromises and leaks that occurred during the first six months. New websites and companies are being hit on a daily basis now. Source : Softpedia