More Than 50,000 Accounts Have Been Hacked from ITWallStreet.com

by Tseng H. K.
The article I read this week is “Hacker claims breach of 50,000 accounts from Wall Street IT recruiting firm” by Jaikumar Vijayan. On July 18 2012, a hacker named Masakaki who’s a member of a group called TeamGhostShell hacked into ITWallStreet.com. ITWallStreet.com is a website for who are seeking IT jobs in Wall Street firms. The hacker breached into resume database and snipped out more then 50,000 accouts with highly detailed data including person’s userID, name, phone number, address, and email.The list contains most of the major Wall Street firms including Morgan Stanley, Goldman Sachs, Nasdaq, Dow Jones, and etc. Interest fact I found from article was that candidates have ranged from 40,000 to 400,000 for their salary. And everyone from entry-level junior developer to senior technology executives.

In the class, we have discussed about data securities and I have seen many students in our class posted about data security related article many times. People used flat file format in old ages, but we changed to database mainly because security issue (and better performance). I believe we are going to learn more about data securities in later chapters.

This article shows how important database security is, more than 50,000 people’s private data leaked by a one hacker. The article has briefly mentioned around 3,000 resume has already been out there to be traded in black market. If I was one of the candidates, I would be very worried about someone steals my private information.

Citation:
Jaikumar, V (July 18,2012) Hacker claims breach of 50,000 accounts from Wall Street IT recruiting firm http://www.computerworld.com/s/article/9229336/Hacker_claims_breach_of_50_000_accounts_from_Wall_Street_IT_recruiting_firm

3 thoughts on “More Than 50,000 Accounts Have Been Hacked from ITWallStreet.com”

  1. Reading this article reminded why its important to have good data security. I would definitely be worried if I was one of the people who’s personal data got stolen. Hearing stories like this makes me eager to learn about security and how one would help prevent attacks like this from happening.

  2. Interesting article, I just commented on another article where I stressed how possible the mobile database may make a hackers life easier. I hope we learn more about how to protect our databases in the future as well because if only one man could do this…. Imagine a group of hackers with a cause.

  3. I believe that SQL injection automation tools like SQLMap and Havji are used to make these hackers lives so much easier. While I believe that database security is important, most SQL injection attacks occur because queries are not properly sanitanized by the web application. I found the link that TeamGhostShell used to post the leaked information.
    http://pastebin.com/BuabHTvr

Comments are closed.