cyber Vulnerability

THE STANDARD

Nov 12, 2023 1 min read
THE STANDARD

The Hong Kong English newspaper Standard Hong Kong's website has been compromised by hackers @Cryptolulz666 and @EvoIsGod.

The website's database was compromised, data was published to Pastebin, and the hackers admitted to using a CMS vulnerability for SQL Injection to hack the website.

Only a small percentage of the database's around 12,000 users the majority of the data isn't leaked because of legal issues were made public by the hackers.

The majority of the data in the database, according to @Cryptolulz666, is very private and shouldn't be disclosed for privacy reasons.

Source: https://securityaffairs.com/54696/data-breach/standard-hong-kong-hacked.html

TPRM report: https://scoringcyber.rankiteo.com/company/thestandardth

"id": "the241131123",
"linkid": "thestandardth",
"type": "Breach",
"date": "12/2016",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': 12000,
                        'industry': 'News and Media',
                        'location': 'Hong Kong',
                        'name': 'Standard Hong Kong',
                        'type': 'Media'}],
 'attack_vector': 'SQL Injection',
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': 12000,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'User data'},
 'description': "The Hong Kong English newspaper Standard Hong Kong's website "
                'has been compromised by hackers @Cryptolulz666 and @EvoIsGod. '
                "The website's database was compromised, data was published to "
                'Pastebin, and the hackers admitted to using a CMS '
                'vulnerability for SQL Injection to hack the website. Only a '
                "small percentage of the database's around 12,000 users the "
                "majority of the data isn't leaked because of legal issues "
                'were made public by the hackers. The majority of the data in '
                'the database, according to @Cryptolulz666, is very private '
                "and shouldn't be disclosed for privacy reasons.",
 'impact': {'data_compromised': 'User data',
            'systems_affected': 'Website database'},
 'initial_access_broker': {'entry_point': 'CMS vulnerability'},
 'threat_actor': ['@Cryptolulz666', '@EvoIsGod'],
 'title': "Hack of Standard Hong Kong's Website",
 'type': 'Data Breach',
 'vulnerability_exploited': 'CMS vulnerability'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.