In a hacking incident similar to that on Ashely Madison website, Russian hackers have accessed and compromised user data on 97 websites. According to Hold Security, an internet security firm, the login credentials of users were stolen from these 97 websites by the hackers who primarily speak Russian.
Several of these 97 websites are online dating websites, however none of them is as popular as Ashley Madison. Ashley Madison, the famous online dating portal was hacked by the Impact Team and the data of millions of users was posted in online forums. However, the Russian hackers who are behind the attack on these 97 websites are not associated with the Impact Team.
CTO and Founder of Hold Security, Alex Holden stated that his team was able to locate the stolen information which was stored on a server in batches. According to Holden, the server did not have any password for protecting the information. Holden further added that the hacking instances of these 97 websites began on July 4 2015 and continued until the last week of August.
The information that Holden Securities discovered on the server of the hackers provided a list of the various websites, details of their technical vulnerabilities and few notes that are written in Russian. The vulnerabilities of these websites, commonly referred to as ‘SQL Injection Flaws’ can be exploited easily by hackers even with moderate knowledge and they can then access the information on these websites including user logins and other credentials.
The information on the server posted by hackers include user logins as well as their passwords which have been decrypted and the list of various email addresses. However, the information on the server is not as sensitive and confidential as compared to the data stolen from Ashley Madison.