A PBS NewsHour blog late Sunday proclaimed that murdered rappers Tupac Shakur and Biggie Smalls were still alive and living in New Zealand. No, NewsHour did not have an exclusive, but were the targets of malicious hackers who broke into the PBS servers and defaced the site. The group responsible, called Lulz Sec, also posted online what appeared to be more than two thousand PBS passwords and login IDs.
PBS was working to regain control of its site about seven hours after notifying users on Twitter and Facebook it had been hacked. At the time of this writing, however, Lulz Sec was still actively posting items on blogs.pbs.org. The group also claimed on Twitter that PBS couldn’t do much to shut them out.
Lulz Sec said it broke into PBS.org in response to the way a recent Frontline episode entitled Wikisecrets portrayed the whistle-blowing site, Wikileaks. Lulz Sec says it is not affiliated with the hacker group Anonymous, despite both groups’ respect for Wikileaks.
Lulz Sec also posted online what the group claimed were user IDs and passwords for the PBS MySQL database, as well as login credentials for affiliate stations, PBS reporters, Frontline staff, PBS staff and administrators, and a map of the PBS internal network. It’s not clear if any other data was taken or if the malicious hackers simply wanted to embarrass the network.
More To Come?
This is not the first time Lulz Sec has caused havoc online. The group recently exposed a database from a Japan-based Sony site and also broke into Fox.com in mid-May. Lulz Sec isn’t finished with its shenanigans either. The group is promising more attacks against Sony sites within the next 24 hours in an operation it is calling Sownage (Sony + Ownage).
Corporations and other large organizations are finding themselves increasingly vulnerable to malicious hacks from pranksters or serious criminals. Defense contractor Lockheed Martin recently revealed it was the target of a cyberattack, but claimed it had repelled the intruders and protected its data.
The Lockheed Martin attack was the result of a previous intrusion against RSA Security that compromised the company’s SecurID two-factor authentication product.
A March break-in against Epsilon Interactive, the world’s biggest email marketing firm, exposed the customer names and email addresses for dozens of high profile companies such as JPMorgan Chase, Capital One, US Bank, Citigroup, and Walgreens.
In late April, malicious hackers stole a few megabytes of data from the Oakridge National Laboratory, funded by the U.S. Department of Energy. Finally, the now infamous Sony PlayStation Network hack, which shut down the online gaming network for nearly four weeks, still has the company reeling from a lot of bad press and disgruntled users.