Australian Police Database Lacked Root Password

Concerned Citizen writes "The Australian Federal Police database has been hacked, although 'hacked' might be too strong a word for what happens when someone gains access to a MySQL database with no root password. Can you be charged with breaking and entering a house that has the door left wide open? Maybe digital trespassing is a better term for this situation. 'These dipshits are using an automatic digital forensics and incident response tool,' the hacker wrote. 'All of this [hacking] had been done within 30-40 minutes. Could of [sic] been faster if I didn't stop to laugh so much.'"

It's still breaking and entering

[rm999]

"Can you be charged with breaking and entering a house that has the door left wide open?"

Nothing has to be "broken" during a breaking and entering. Not everything is so literal. As long as the person maliciously entered the system with the knowledge he didn't belong in there, it would be a virtual breaking and entering.

AU judges often don't have passwords on their PCs

[wheels4me]

The judges in AU are on a network that does not have a requirement that all users have passwords. Thus, many judges don't even password protect their PCs that are net-connected. It is no surprise that their db got hacked with the abysmal lack of security on the judicial network.