Was a BART-Affiliated Website Just Hacked Again? BARTpoa.Com Data Released – Officer’s Personal Data, Passwords

Personal data from BART Police officers was released right here, apparently: http://t.co/WdoJJ0M.

Did this data come from the BARTpoa.com website? http://t.co/xRu80WZ

I don’t know.

Appears as if that website is affiliated closely enough with BART so that it’s now a target as well.

BART Boner ’11 continues….

Tags: , , , , , , , ,

3 Responses to “Was a BART-Affiliated Website Just Hacked Again? BARTpoa.Com Data Released – Officer’s Personal Data, Passwords”

  1. jeff says:

    btw, that pastebin’s bin…bin..been removed now…haha

    supposedly it was done by a newb on some chatboard that wasn’t approved, so they say…but the point being that apparently it was just as easy as the MyBart hack which isn’t exactly a hack in the normal sense

    http://www.pcmag.com/article2/0,2817,2391316,00.asp

    some posts pointed out that because none of this, including this latest hack wasn’t encrypted, it was, in fact, crawled by Google and searchable using a number of easy techniques via well known techniques..The other website California Avoid was actually a more pro SQL injection and that website is still down

    http://www.californiaavoid.org/releases_Cm.php?&county=9

    SQL injection

    http://www.cmswire.com/cms/web-cms/how-they-hack-your-website-overview-of-common-techniques-002339.php

    believe it or not, this isn’t so much malicious as it is exposing how one single character in a bad string can expose an entire website..Computers are unforgiving in this respect, and there will always have to be security HUMANS that have to go around and double check this stuff

    Personally, I use SQL on my BLUOZ website, and I know it’s vulnerable (to the extent of the cheap domain and website hoster-I could make it sucer if I really wanted to, but that’s a pain in the ass and takes days to go through it), but I don’t give a shit, cause nothing important is on it, and most people don’t care about my little site anyway, unless they want to download some live concerts..haha. I know about a little about computer security

    the only thing these people are doing is searching for vulnerabilities and making news while they’re doing it, which is actually a good thing, because it turns out that it’s waking people up to how easy it is to crack your site

    network security is becoming a bigger field these days because of it, and who know, maybe some of Anonymous is simply creating jobs..you know what I mean?

  2. Really Jeff? says:

    Hi Jeff – Its wise to point out that just because you don’t care to secure your site, it IS vital to do so. If you dont’ have the skill, time, concern, move to a different host.

    That type of platform allows attackers a playground – kind of irresponsible.

  3. jeff says:

    actually, my site was hacked last year and the problem was fixed at Godaddy. The hackers replaced my page with some stupid screen shot. The problem was at the hoster and is very common with website hosters, that many sites are on a shared server at a single IP address, so once hackers get access to the server, they can deface multiple websites

    companies that want more security often pay for exclusive servers where they have more control, but c’mon, I’m only paying 5 bucks a month here, and unlike many blogs/website, I have everything backed up, so it took about 30 seconds to replace the front page back to normal. Nothing was ever lost, and all my posts are still there. The point is, you pretty much have to pay for security, and not just with computers

    anyway, the hosting server is more secure now, but that’s probably just the one server I’m sharing with other sites. I’m sure Godaddy is fixing servers daily

    anyway, another example of a fairly basic ‘google hack’ was posted at OpBart..It’s not really a true hack tho because these sites in tennessee also were not secure and were crawled by Google because they weren’t secured..And this is the entire state of tennessee’s tourism industry

    http://pastebin.com/P1fN3ryU

    This actually isn’t even a new concept > ‘inurl:’, it’s been around for awhile

Leave a Reply