The hackers in the GhostShell crew have published a list of recently compromised targets. It’s a list that includes websites in the government and the educational sector in the US, as well as retailers around the world.
Each entry is accompanied by links to four different public paste locations, containing a preview of the extracted data. So far, there are 548 published victims. Data includes email addresses, usernames, ZIP codes, phone numbers, names, dates of birth as well as hashed and plain text passwords.
The group has also published all of the data in one shot on Pastebin.
The team says that it has altruistic intentions: to bring to light the inherent insecurity of cloud providers and our most enshrined institutions.
“Time to bring to light the things that you've never been told in the media lately. How truly deplorable cybersecurity has become,” the group tweeted.
In another tweet, it added, “Reminder: These are all preview leaks. If you want to help patch them please report the vulnerabilities. Thanks. – GhostShell.”
GhostShell became notorious a couple of years ago for several hacking sprees before going underground, including one in which it dumped 1.6 million records. However, its Twitter feed sprang to life again on June 28.