Breach, Data Security, Threat Management

Team GhostShell leaks data from 1.6 million accounts

Team GhostShell, an Anonymous-related hacktivist group, has claimed that it leaked 1.6 million account details and records gleaned from dozens of organizations and businesses, including NASA, the FBI, the Credit Union National Association (CUNA) and the Institute of Makers of Explosives (IME).

The collective previously made headlines for posting online the data of 100 top-rated universities, as well as that of 100 websites for banks, consulting firms, government agencies and other institutions across various industries.

GhostShell posted a message Monday on Pastebin about the hack, calling this campaign “Project White Fox.” At the page, the group also listed links to information collected from more than 30 organizations and businesses, which included email addresses, login details, passwords and other personal data hacked from servers.

GhostShell said the campaign would conclude its “series of attacks” on organizations this year by “promoting hacktivism worldwide and drawing attention to the freedom of information on the net.” 

It appears that credit card information from IME, a Washington, D.C.-based institute that promotes safety and security practices among U.S. manufacturers of high explosives, was posted in the GhostShell data dump.

Portions of IME members' credit card details were also allegedly posted online, though IME has yet to confirm whether the information was obtained from its records.

SCMagazine.com reached out to Christopher Ronay, the president of IME Wednesday afternoon, but he was not available for comment.

On Tuesday, CUNA posted a release on the company site, cuna.org, notifying its users of the “broad hacking attack” that occurred. Bill Cheney, the credit union association's president and CEO, claimed that no sensitive personal information from its site was accessed or compromised by hackers.

“However, we are contacting all users of our website to advise them of the breach,” Cheney said. “Further, we will continue to analyze the information posted online by the group, as well as continue to validate that no other risks exist. We will also continue to monitor our website and take increased security measures to ensure it is safeguarded.”

Other targets of Project White Fox include the European Space Agency and several U.S. government contractors and agencies. 

UPDATE: In an email to SCMagazine.com Thursday, Ronay said that IME staff "reviewed the post and do not find any sensitive information or credit card data compromised," by the hacking group. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds