Hackers Dump Millions of Records From Banks, Politicians

hypnosec writes "TeamGhostShell, a team linked with the infamous group Anonymous, is claiming that they have hacked some major U.S. institutions, including major banking institutions and accounts of politicians, and has posted those details online. The dumps, comprised of millions of accounts, have been let loose on the web by the hacking collective. The motivation behind the hack, the group claims, is to protest against banks, politicians and the hackers who have been captured by law enforcement agencies."

Great plan

[masternerdguy]

Yes let's ruin millions of innocent lives to protest the arrest of criminals!

Re:Great plan

Look on the bright side--it's a step above their usual tactic of protesting censorship by DDOSing websites that say things they don't like.

Re:Great plan

[phantomfive]

I consider it a protest against bad security......

Re:Great plan

[jhoegl]

How do you know it is going to ruin lives when you havent even gone through it?
Perhaps it contains information that shows what we have been expecting all along, some of our senators are corrupt, they want to create laws to spy on everyone so that they can find people who know about them, and the same with corporations.
Wake up people, we live in a corporate run society, we are losing freedom in the false name of capitalism, we are losing our humanity to money.

Re:Great plan

[djnanite]

I consider it a protest against bad security......

And will you still be supporting their actions when you find your own personal bank details on that list?

Seriously - this just causes hassle for *everyone*, and is not a good way to drum up support for your ill-defined and unfocussed protest.

Re:Great plan

[Yvanhoe]

As someone exterior from the US, there is something I don't understand... What do people wait to file a class action to protest against bad security in banks ?

Re:Great plan

[Gordonjcp]

I really hope my bank details *are* on the list.

Perhaps then some random Nigerian general or doctor or prince or whatever will pay off my overdraft.

Re:Great plan

[Darkness404]

Exactly. The sort of nice thing about this is, its public. You can see, you KNOW if your account is breached, its really done in a non-malicious way. I'd much rather have my personal information leaked in a big leak like this than have some guy accessing my account and I have no knowledge about it.

Re:Great plan

[kiwimate]

How do you know it is going to ruin lives when you havent even gone through it?

Have you ever been through a car/motorcycle accident? I have - how can you understand it if you haven't? Of course, it doesn't take a personal experience to understand that a car running into you is going to hurt, probably break some bones, that kind of thing.

It's not that difficult. You don't have to go through having your identity stolen to be able to understand the impact.

Re:Great plan

[Jane+Q.+Public]

"And will you still be supporting their actions when you find your own personal bank details on that list? "

Damned straight I would. That would give me direct evidence that my bank was not properly protecting my money, and give me very good motivation to start (or join) a lawsuit.

If the banks' security is shit, it's good to know about it. Better it be public than found by some criminal organization that will just steal it all and disappear.

Re:Great plan

[fustakrakich]

You're right... Only the state has the right to ruin millions of innocent lives.

Re:Great plan

[Jane+Q.+Public]

"What [why?] do people wait to file a class action to protest against bad security in banks ?"

They haven't. It is discussed a lot here on /., for example, and it was brought up in the Wall Street protests. We just haven't been listened to.

But in order to actually file a suit (something they are liable to pay attention to), one must show that there have been damages.

Re:Great plan

[vlm]

How do you know it is going to ruin lives when you havent even gone through it?

That is an excellent question. I'll have to download the data and grep for my info. Anyone connected to my paper checks, as recipient or store clerk or garbage man, already knows my name, address, bank name, and bank account number, and at least one recently written check number. Allegedly this is why Knuth stopped sending out personal checks in return for finding errors in his books. Given the thousands, maybe tens of thousands of people with access to this data who've done nothing to me and the only person I've ever heard even mention it is Knuth, I donno if its a serious concern.

Re:Great plan

[Jane+Q.+Public]

"Wake up people, we live in a corporate run society, we are losing freedom in the false name of capitalism, we are losing our humanity to money." [emphasis added]

At least you do say "false". But I would prefer that you leave "capitalism" out of it. The people that are doing aren't calling it "capitalism", and at least in that sense they are more correct than their detractors.

Capitalism has nothing to do with this. Greed, corruption, monopol, and cronyism are not part of capitalism. Not even close. In fact, real capitalism cannot exist in an atmosphere that is so rife with these things.

Re:Great plan

That sounds very much like the "no true communist state has ever existed" (i.e. No True Scotsman) line.

As long as human beings are involved, all the typical vices attributed to greed occur, and Capitalism is no different. The best you can say is that Capitalism when practiced by humans is an abject failure, due to the complete inability of its self-correcting factors ("invisible hand" via competition and intelligent actors) to have any effect.

Re:Great plan

[TarPitt]

Because Americans believe government regulation is bad and markets are good.

So instead of having job-killing freedom-strangling government regulations requiring better security, Americans wait until after their personal information has been compromised and publicly posted, then use the tort system to obtain economic compensation for the resulting damages.

Or they will until the tort system is crippled for killing jobs and crippling free enterprise.

Re:Great plan

[phantomfive]

lol we need grammar nazis in the world, but do you realize your attempt has worse grammar than the original?

Re:Great plan

[phantomfive]

And will you still be supporting their actions when you find your own personal bank details on that list?

YES, I will, and I'll tell you why.

A public release like this lets me know, lets everyone know, there's a problem. I'd much rather have someone hack and release the details publicly than hack and steal all my money.

Re:Great plan

[Smallpond]

Dear Nigerian citizen. I am the son of the late US President Ronald Reagan. I have recently come into the possession of the sum of FIVE US DOLLARS which I need your help in hiding from the US Internal Revenue Service ...

Re:Great plan

[Jane+Q.+Public]

"It can be done without putting peoples money at jeopardy."

Really? And how would you do that, such that people really paid attention and it wasn't buried in a 1-inch news story on page 7?

I eagerly await learning about this brilliant plan.

Re:Great plan

[Nutria]

This is the critical point: American jurisprudence is designed to be reactive, not proactive.

Re:Great plan

[Jane+Q.+Public]

"This is the critical point: American jurisprudence is designed to be reactive, not proactive."

Yes, it certainly is. It inherited that (as did many other countries) from European Common Law. It's not like that's unique or even unusual.

Arguably, that's the way it should be, in a society that promotes freedom over government control.

Re:Great plan

[AliasMarlowe]

Dear Nigerian citizen. I am the son of the late US President Ronald Reagan. I have recently come into the possession of the sum of FIVE US DOLLARS which I need your help in hiding from the US Internal Revenue Service ...

Try for MINUS ONE HUNDRED THOUSAND American Dollars instead. Maybe you'll get lucky...

Re:Great plan

[arfonrg]

Because lawsuits costs money... It takes THOUSANDS of dollars to pursue a civil suit and most people can't afford it. On top of that, class action suits are usually brought about by a lawyer(s) who really could care less about justice and care more about taking a percentage of the gains so, they take a gamble.

It's not a fair system but, it's better than nothing and could be much worse.

LAWSUIT RULE 1: The only people who win are the lawyers.

Re:Great plan

[AliasMarlowe]

Capitalism has nothing to do with this. Greed, corruption, monopol, and cronyism are not part of capitalism. Not even close. In fact, real capitalism cannot exist in an atmosphere that is so rife with these things.

Ahem, greed is central to capitalism. On the other hand, corruption and cronyism are indicative of a failure of regulation rather than of the economic system (whether capitalist or not), and monopoly is potentially but not necessarily an evil.

Re:Great plan

[Nutria]

European or English Common Law?

Re:Great plan

[Sarten-X]

"No true communist state has ever existed" is not a No True Scotsman fallacy.

No True Scotsman is where the experimental grouping is based on the results of the experiment. As a more obvious example, consider giving all of the participants in a drug trial the same medication, then splitting them up afterward based on whether the drug worked or not. In the had-a-good-effect group, 100% of the trial patients had a good effect! Amazing!

The classification of political states, however, is a different issue. No true political anything has ever existed. Dictatorships aren't true dictatorships, because the dictators don't directly control absolutely everything for everyone. Communism isn't true communism, because the people making decisions have always been held in higher regard than the people making toilets. Capitalism isn't true capitalism, because there is always regulation and corruption getting in the way of an informed public. Monarchies aren't really monarchies, because there are always parallel power structures that don't fall into the nicely-defined hierarchy.

The fallacy here (for which I do not recall a proper name, and can't be bothered to look it up) is a confusion (intentional or not) between ideals and realistic implementations of systems. It's easy enough to say "in a Communist system, everyone is valued equally," but much more difficult to actually convince a nation of people to consider everyone perfectly equal. The ideal, however, does make for an interesting philosophical discussion, just as the real implementation makes for an interesting sociological discussion. With the insights from both, perhaps a political system can be devised that accomplishes the goals of the ideal system, while accommodating the pitfalls of the real implementation.

Re:Great plan

[girlintraining]

As someone exterior from the US, there is something I don't understand... What do people wait to file a class action to protest against bad security in banks ?

Ignoring the grammar, it would be because the US Supreme Court deleted citizens' ability to join class action lawsuits because it cost corporations too much.

Re:Great plan

[VortexCortex]

"It can be done without putting peoples money at jeopardy."

Really? And how would you do that, such that people really paid attention and it wasn't buried in a 1-inch news story on page 7?

I eagerly await learning about this brilliant plan.

Simple, when they have requirements on password length or character sets, then they're not hashing or encrypting passwords. Then you sue them for negligence, inform the media that instead of the story, "Up next: What common product under your sink could be killing your babies?", they should run, "Up next: Find out why banks are sharing your account passwords with thousands of people.", before they have a word from their sponsor.

I only have the time/money to write nasty emails and talk to branch managers when I visit. Their answer is that people forget their passwords, and they need to see the password to tell them what it is, or help with customer service -- They shouldn't EVER need to do that either. Also: if there's a login form on a page that's not HTTPS -- It's vulnerable to SSL Strip among other MITM attacks. They won't hire a "security researcher" to help AND also listen to what they have to say because That's wilful negligence.

I'm aware that they could be applying character set rules before submitting the data to improve entropy, but there's no reason to limit the length to 6 to 12 characters.

Re:Great plan

[Jane+Q.+Public]

"Simple, when they have requirements on password length or character sets, then they're not hashing or encrypting passwords. Then you sue them for negligence, inform the media that instead of the story, "Up next: What common product under your sink could be killing your babies?", they should run, "Up next: Find out why banks are sharing your account passwords with thousands of people.", before they have a word from their sponsor. "

I've tried it. Doesn't work.

My (then) bank had a huge security hole in their online banking. I contacted the bank several times, and even went to the main branch in person, to show people what the problem was. I talked to their own programmers. They all agreed "This is a huge problem and we need to deal with it right away."

Did they? No. And after multiple contacts over multiple months, I finally decided to go to the media with my story. Guess what? The news media wanted nothing to do with it.

No... sorry. You are assuming they are reasonable people. They aren't. This is the only way they'll pay attention.

Re:Great plan

[Jane+Q.+Public]

And just to be clear: this wasn't even your typical, hackable, "security vulnerability". This flaw allowed ANYBODY who knew about it, with no programming skill whatever, to get name, account number, address, and telephone for anybody's bank account.

Re:Great plan

[neonKow]

My favorite piece of advice I've ever heard about riding: "Ride as though you are invisible and everyone else is drunk."

(Also applies when trying to drive a vehicle of any sort in the DC area.)

Re:Great plan

[Jane+Q.+Public]

"European or English Common Law?"

Haha. Pardon me. English of course. Once in a while American obtuseness does rub off, even on me.

Re:Great plan

[sjames]

Unless the banks slip something in on page 235 of 'the agreement' in micro-print that prohibits it.

Re:Great plan

[Jane+Q.+Public]

"Ahem, greed is central to capitalism."

It is nothing of the sort. As Adam Smith defined capitalism (although he didn't use that exact word; it was coined later as a general name for his concepts), greed has no part in it whatever.

Free-market capitalism (again, Adam Smith and what most people mean when they say "capitalism", since in fact he defined it), has to do with voluntary exchange of goods. It is possible for people in a truly free market to be greedy, but their business will suffer as a result. If people feel ripped off, they cease to do business. That's what voluntary means.

True, sustained greed cannot come about without government collusion. When there are controls and regulation, and people no longer have a choice. That is when monopoly, oligopoly, and corporate greed can breed.

And that's not capitalism.

Re:Great plan

Because Americans believe government regulation is bad and markets are good.

So instead of having job-killing freedom-strangling government regulations requiring better security, Americans wait until after their personal information has been compromised and publicly posted, then use the tort system to obtain economic compensation for the resulting damages.

Or they will until the tort system is crippled for killing jobs and crippling free enterprise.

That's why Americans have a whole lot more market regulations when compared with some "socialist" european countries, the difference is that your regulations only preserve the absence of competition (wtf do you think patents are?).
Stop pretending the inexistent american liberalism is at fault because there is not much liberalism left in the world and it sure as hell is not in the US of A.

Re:Great plan

[Jane+Q.+Public]

"Where there is no oversight of the market, choice inevitably evaporates."

No responsible parties are advocating "no oversight" of the market. You should read Adam Smith. Even he recognized, way back then, that a reasonable body of antitrust law would be necessary to keep people playing within a real capitalist system.

So there is no great revelation here. Anybody who is seriously talking about Adam Smith free-market capitalism has to accept that there must be SOME regulation. But responsible regulation is not willy-nilly, as it is today; it is limited to antitrust concerns.

"We have banking regulation because the lack of it caused people to be wiped out in the great crash of '29."

Absolute bollocks. Government intervention, in concert with Fed policy, CAUSED the crash of '29. The economists who were saying so were completely correct about what would happen (it WAS predicted)... government and other "interventionist" economists continued to say the economy was FINE... up to Irving Fischer's famous declaration that the economy had never been healthier, the very day before the big crash.

"Things went OK for quite a while, then those regulations got rolled back and here we are with another crash."

Once again, it wasn't lack of regulation that caused the crash. Wall Street had never been more heavily regulated! It was IRRESPONSIBLE regulation, not lack of regulation, that caused it.

If you want a real culprit, who without any doubt contributed greatly to the crash, you need look no further than Barney Frank.

But no... I am not prepared to debate that on Slashdot. There have been whole books written about it.

Re:Great plan

[psiclops]

so i'm guessing you'd be glad that it was released publicly, otherwise well - you wouldn't have known to call your bank.....

Re:Great plan

[grumling]

Surely those born with a small penis will be anxious to complain about that in court.

Ah yes, the case of "The size of the boat v. The Motion of the Ocean."

Re:Great plan

[SydShamino]

The SCOTUS ruled that clauses slipped into contracts prohibiting class action lawsuits are valid. In other words - there are some rights that you can't give away in a contract, but the right to join a class action lawsuit isn't one of those.

Now, some companies have already started changing their one-sided take-it-or-leave-for-our-competitors-oops-they-all-have-the-same-clause contracts to include a waiver of the right to participate in a class action lawsuit. The argument is that all companies will do this soon, as there's little reason not to, and that will thus block most citizens from joining class action lawsuits.

The problem here is that SCOTUS was wrong. The right to redress in court is one right that we shouldn't be able to sign away, and given how our court system is structured to so heavily favor the rich, class action rights should be considered a basic citizen right to redress.

Re:Great plan

[cavreader]

"found by some criminal organization" The group who stole and released the information can accurately be described as a "criminal organization". If you rah, rah the hackers and then look forward to filing lawsuits against the company that got hacked then you must also be in favor in catching the people who perpetrated this crime and dealing with them in the legal system.
 

Re:Great plan

[Jane+Q.+Public]

"Release a hack that shows ANY personal info should be a felony."

You are part of the problem.

Do you not realize, that it was lack of security on the part of the banks that allowed this to happen?

A lack that in many cases, was probably illegal?

By your logic, anybody who points out in public that your wallet is about to fall out of your pocket should be prosecuted.

Re:Great plan

[Ostracus]

Slashdotters didn't have a problem with it last time I said something about Anonymous. How many more times will it take before people realize Anonymous isn't THEIR friend.

Re:Great plan

[Jane+Q.+Public]

"If you rah, rah the hackers and then look forward to filing lawsuits against the company that got hacked then you must also be in favor in catching the people who perpetrated this crime and dealing with them in the legal system."

The "people who perpetrated this crime" were the banks that did not adequately protect their customer's information.

Other than that little difference, I agree with you.

Re:Great plan

[Jane+Q.+Public]

"Oh ya then how did the hackers find it the security hole? bank did just say hay here,s our security hole. In fact they hacked it, that's against the law already because they did STEAL the passwords. And no i don't expect someone who tells you hay your wallet fell out to be prosecuted. That's just a plain stupid argument by a person who doesn't have a clue or doesn't want a clue. Ya just want to complain."

This doesn't even deserve an answer. But I'm going to give you one anyway. No thanks necessary!

So you are saying to me: you don't care that the banks have been criminally irresponsible with people's data? You don't CARE, that somebody ELSE -- a criminal somebody else -- could have found this data and just stolen everybody's money, instead of making it public?

Whose fucking side are you on?

I have personal experience with a bank that refused to close a GAPING, OUTRAGEOUS security hole that I pointed out to them, for over a year! After about 6 months of it, with no change, I decided to go to the press with my story. You know what happened? The press and TV wanted nothing to do with it. The bank was a major customer. They weren't about to publish anything negative about it.

So guess what avenue was left? Only one. In order to close this gaping hole, only one thing would suffice: going public with the data. THAT makes people stand up and listen.

THE BANKS are the criminals here, and the press are in bed with them. If you think differently, you are deluding yourself.

And the release of data is the only way they (and a lot of people, like you) will even pay attention.

So take your criticism and stuff it. I have been there. These people did the right thing.

Re:Great plan

[Doctor_Jest]

That's why Americans have a whole lot more market regulations when compared with some "socialist" european countries, the difference is that your regulations only preserve the absence of competition (wtf do you think patents are?).

What's really startling is that the regulations are not about socialism but corporatism and cronyism. Wouldn't it be a great time if the free market would be allowed to work? We need a shot at it, but considering the current political climate... that's not going to happen anytime soon.

Re:Great plan

We had 'free markets' in the 1800s. It only allowed unbridled corporate greed and massive amounts of worker exploitation and pollution.

Re:Great plan

[guttentag]

As someone exterior from the US, there is something I don't understand... What do people wait to file a class action to protest against bad security in banks ?

Because we wouldn't get better security as a result, just a coupon for $5 off an adjustable rate mortgage.

Re:Great plan

[Doctor_Jest]

No, we had no free markets in the 1800's. That's a myth. A free market doesn't mean a market without rules. It means a market without manipulation. Read Adam Smith or F.A. Hayek. (And before the Kensyians jump in with their nonsense... Just give it a shot.)

It's enlightening...

Re:Great plan

[ravenshrike]

Homogeneity of population combined with cultural values combined with the fact that they spend virtually nothing on defense thanks to the Pax Americana. Also known as the if anyone fucks with Europe we'll fuck them up policy. Or at least that was how things worked, until Obama threw the Ukrainians to the Russians

Re:Great plan

[SuricouRaven]

The media live by viewship and rateings. They want to run stories that people want to read. Given the choice between 'General YouNeverHeardOf authorises the use of mace-cannons on protestors in Elbonia' and 'LIBERAL-SUPPORTED LIGHTBULBS ARE KILLING YOUR BABY!!!!1!!!1!,' which do you think is going to make the most advertising money?

Re:Great plan

[Krojack]

True however there is a LOT of information here. Most people won't spend the time to pick though it. They will just assume they are in the clear because their bank claims they are "certified and accredited". =)

Re:Great plan

[jpapon]

The only measure I can think of that would show the US declining over the past 70 years is relative to other countries such as Germany or China.

Lets set aside that it isn't a fair comparison since much of that growth is due to the fact that they started from nothing, while the US had the largest industrial base in the world 70 years ago.

You do realize that basically every other successful country in the world is MORE Socialist than the USA, right? So if the US is becoming less successful relative to the rest of the world, wouldn't the solution logically be more Socialism, rather than less?

Security

[DevotedSkeptic]

Banks got billions in bailout but apparently put none of it into security. Like the bailouts the Banks and politicians win and the consumers lose.

Re:Security

[lightknight]

The power to print money, and give it to your friends, is the power to ensure you and your friends are always on top*.

* For all situations where this is applicable.

Re:Security

[Sarten-X]

I look at the bonuses, and I don't see the problem as being so big.

Something like this was bound to happen...

[dryriver]

The powers-that-be, which includes banks, corporations and lawmakers, have been driving all of us "ordinarylings" towards a future where we are increasingly under 24/7 surveillance, whether we like it or not. They have been building a "surveillance grid" that becomes more sophisticated every day, and that knows everything from what we are buying/consuming, to what we are reading, to where we surf on the net when we get up in the morning, to where we park our cars, or go for an evening walk. ---- In a sense it is almost fair that the people who have been encouraging & bankrolling & constantly expanding this surveillance grid get their own digital lives hacked, and thrown online for everyone to scrutinize. ----- If we weren't surveilled digitally, 24/7, and so cruelly, I would say that these hackers have done "a bad thing". ------- Things being what they are - we are watched every more closely by the surveillance grid - its hard, morally speaking, to blame these hackers for their unorthodox actions and tactics.

Re:Something like this was bound to happen...

[sgrover]

I'm all for exposing the rampant abuses of our privacy and collection of our personal information. BUT, this sort of thing only hurts the public. It does not hurt the people who commissioned the system to collect this data. All that is being exposed here is that some systems that happen to collect information have some security holes that need to be fixed. This fact in itself may be damaging, but only to those who use and/or maintain the system.

The fact that the system exists, and that it can tied with other similar systems to paint a very broad description of a person is the part that should be worrying to the public. Why do we need such a system? Why does it have to talk with other systems? Is the data it is collecting really secret? Or even ours to control? These are the questions I think need to be highlighted. Unfortunately these data dumps, while possibly altruistic in intent, do little to address the real questions. IMO.

Re:Something like this was bound to happen...

[Sarten-X]

What reasonable alternative did the innocents have? Join a non-existent revolution?

The simple fact is that having the conveniences of modern life requires trusting your personal information to others. You can pick which bank you use, but they seldom allow customers to fully inspect their security practices. The innocents are unwilling participants who really have no choice in whether they support the corrupt system or an honest improvement, because they can't tell which option is supporting which system.

Cool, that'll show 'em

[kiwimate]

Score against banks - a bit of a headache, some minor bad P.R., a temporary drop in share price maybe. Don't worry, it'll come back up when the next scandal pushes this one off of people's memories.

Score against the people they're standing up for (the public) - millions of lives ruined as their credit goes to pot, countless hours and days of effort spent to try and recover, thousands of dollars of extra interest payments now their credit score has been dropped down, potential bankruptcies and divorces and split households from the stress...

What a bunch of jackasses. Maybe these people should think who they're really hurting once in a while.

Re:Cool, that'll show 'em

[LMariachi]

How would this lower anyone’s credit rating? Unless they’ve been lying to creditors about their assets/income, in which case their credit rating ought to take a hit.

Re:Cool, that'll show 'em

[Jane+Q.+Public]

"Score against banks - a bit of a headache, some minor bad P.R., a temporary drop in share price maybe. Don't worry, it'll come back up when the next scandal pushes this one off of people's memories."

Not really. This publicly humiliates their "security" measures. In many cases, they are probably breaking Federal security laws. If I were among those affected, I would try to start or join a class action suit.

"Score against the people they're standing up for (the public) - millions of lives ruined as their credit goes to pot, countless hours and days of effort spent to try and recover, thousands of dollars of extra interest payments now their credit score has been dropped down, potential bankruptcies and divorces and split households from the stress..."

Again, not really. Would you honestly rather have had somebody discover all this in secret, and run off with all the money they could finagle out of it? And not be discovered for months or years later?

Or would you rather have it public, so that The People know about it and can take action against it?

No, you are quite wrong. This WAS the right thing to do.

Re:Cool, that'll show 'em

[vlm]

millions of lives ruined as their credit goes to pot

Yeah, how does that work? I've seen this quite a few times in the comments already, and I'm not arguing they're doing the right thing, I'm not arguing no one will be hurt or its not annoying, but I have no idea how your credit gets ruined because someone steals your docs.

I'm old enough to have gotten a couple car loans and mortgages and I've seen my reports, you can request a copy online although its a modestly annoying task.

They are unexpectedly interested in how long the account has been opened (I was surprised to learn that, my guess is its a legal proxy for knowing your age). They're extremely excited about your monthly payment record over the past couple years. They seem interested in default/fraud/NSF-bounce issues in the past couple years. They really like to tabulate your current balance and all kinds of ratios based on those balances as a fairly pointless snapshot. I'm just not seeing a section of the report "number of times account info released by anonymous", perhaps with a graph or something like that.

My wife got her CC stolen probably online, no big deal, bank was nice about it all, no cost to us, doesn't show up on any report that we've seen since. My mom got her info stolen and a truck purchased in her name and driven across the .mx border, again no problem.

So humor me with what an organic chemist would call a reaction mechanism. A droplet containing your bank account number is dropped into the fetid test tube that is the internet and the reaction begins with... I'm looking for a model of how this supposed "destruction" happens? I'm hearing this is financial ebola, but only experienced and heard of a sniffle in similar cases. I'm interested in how this destruction happens.

Re:Cool, that'll show 'em

[Sarten-X]

The credit record is damaged like any other identity theft: Incrementally.

Looking at a few of the leaked details, I see full names, phone numbers, passwords, and answers to verification questions. With knowledge of your bank accounts, anyone can call the person directly claiming to be a representative from the bank, and ask a few security questions. Then they can use the answers to convince the bank to release more details, under the pretense of "verifying some old records". Attackers can build up enough facts and details to open a credit card or get a loan in your name, then run off with the money. Then that monthly payment record that's so exciting turns sour fast, and even if the creditor is helpful in clearing up the fraud, the theft is noted in your fraud history.

It's amazing how much information people will gladly give away to someone claiming to represent their bank who already knows a few details.

A lot of the damage depends on how willing the creditor is to take the loss. Not all banks are "nice about it all", and it's entirely at their discretion what history end up on your report.

Re:Cool, that'll show 'em

[DarwinSurvivor]

Identity theft.

Did anyone look at these "dumps"?

[TheRealMindChild]

Seriously, has anyone actually looked at these so called "dumps"? Most of them are a single field from a table, with no relational data to associate the bits. I see email addresses with nothing else. I see [email] addresses with nothing else. I see First and Last names, but nothing else. Phone numbers... the same. Then there are loads of obvious blog style records that is used to populate their "news" and such sections (which are obviously on their front page anyway). Where is the damage?

nee

[trudyscousin]

The motivation behind the hack, the group claims, is to protest against banks, politicians and the hackers who have been captured by law enforcement agencies.

(emphasis mine)

Yeah, I'd be protesting against those stupid hackers too. I mean, they got caught? Horrors!

Is no one proofreading these submissions?

Yeah, They Look Like Garbage ...

[eldavojohn]

Seriously, has anyone actually looked at these so called "dumps"? Most of them are a single field from a table, with no relational data to associate the bits. I see email addresses with nothing else. I see [email] addresses with nothing else. I see First and Last names, but nothing else. Phone numbers... the same. Then there are loads of obvious blog style records that is used to populate their "news" and such sections (which are obviously on their front page anyway). Where is the damage?

I've looked at over 20 so far and all have been absolutely worthless. Even the ones that didn't hash their passwords (BookData? what site is that, can't even find their landing page and all the logins look to be JP e-mail addresses) I can't find where I'm supposed to log in. Furthermore, some of these look like some automated testing software when I see rows like:

| NULL | NULL | 1031 | 1' and '7'='2 | false | !S!WCRTESTINPUT000003!E! | NULL |

| NULL | NULL | 1033 | 99999999 or 7=2 | false | !S!WCRTESTINPUT000003!E! | NULL |

| NULL | NULL | 1032 | 99999999 or 7=7 | false | !S!WCRTESTINPUT000003!E! | NULL |

Those two filled in columns are username and password by the way. So I'm going to say there's three possibilities:

1) these are completely fabricated tables mixed in with (like you noticed) front page public news items and HTML to make them look authentic.

2) these are legitimate but just plain crappy sites. How is it that they only get ~1200 user records from a site unless the site is so worthless that it only has 1200 users?

3) they have everything. They have sensitive stuff but what they've done is show the targets that they have been compromised by releasing only the sensitive data that won't hurt the small users. Since they are publishing the structure of the databases and the targeted entities know that if you have access to that structure, you have/had access to all of the many user information.

I can't believe Teenfad hashed their passwords but some of these other seemingly more sensitive sites didn't. Who the hell is storing plain text passwords in a database!? Well, I guess we have a list of worthless sites that do it now.

Re:No.

[VortexCortex]

I disagree. While I completely understand what you're saying, I think that we should be associating every breach of law with Anonymous. In the short term it makes the name seem more powerful, and the police state can convince us it needs to limit more freedoms to catch members of Anonymous. Over the long term it points out the ridiculousness of hunting down anyone as a "terrorists" simply by labelling them "Anonymous".

Look, it's going to get worse before it gets better. I'd have rather had a better name to rally under when the time comes for that, but one makes do with whatever planet one's on, eh? The sooner it's made apparent to the common folk that "Anonymous" means "average citizen", the better.

Are you now or have you ever been a member of Anonymous?

The mods didn't get the memo

[girlintraining]

Apparently the slashmods missed the memo: "The Supreme Court ruled Wednesday that consumers can be bound by an arbitration clause in a cellphone deal or other contract even when state law permits a class-action lawsuit for claims arising from the deal."

Along with a lot of other people, for some reason, despite there being almost a dozen slashdot articles on it. Must be because I'm a troll. You know, one of those fact trolls. Damn you facts! DAAAAAMMMMMNNN YYYOOOOOOUUUU!!!