BGR India's data hacked and shared on dark web says report
Feb 28, 2020, 12:25 IST
Hackers have reportedly compromised tech company BGR's (Boy Genius Report) India website and dumped its data containing emails, hashed passwords and other information on the Dark Web.
According to data breach monitoring service 'Under the Breach', hackers shared SQL databases from unsecured AWS (Amazon Web Services) buckets and one archive belongs to the BGR site in India.
The data leak was first reported by experts from the security firm Under the Breach. The full SQL backup contains emails, hashed passwords and other information, reports BleepingComputer.com.
"Actor dumps the MySQL database of http://bgr.in (@BGRIndia) a huge Indian tech news site! 2,000,000 monthly visitors, @BGR 11,650,000 monthly visitors! Hacked due to exposed s3 AWS bucket. Usernames, emails, passwords and more. Full SQL backup," tweeted Under the Breach.
BGR was yet to issue a statement on the report.
A "full SQL dump" refers to all the posts on the site along with access credentials for authors and administrators.
The experts from Under the Breach said that credentials were stored in hashed form, converted with a function in WordPress.
"In most cases, hackers pay to have the hashes cracked. On some specialised sites, this service is advertised at a reasonable price."
According to the hackers, the overall dump contains at least 36,000 emails and logins for other affected websites like tradinggame.au.com and S3 Production.
Experts from Under the Breach found 16 SQL dumps contained in a seven ZIP archive, said the report.
It started off as a column written by Internet personality Jonathan Geller, who later converted it into a website.
Advertisement
According to data breach monitoring service 'Under the Breach', hackers shared SQL databases from unsecured AWS (Amazon Web Services) buckets and one archive belongs to the BGR site in India.
The data leak was first reported by experts from the security firm Under the Breach. The full SQL backup contains emails, hashed passwords and other information, reports BleepingComputer.com.
"Actor dumps the MySQL database of http://bgr.in (@BGRIndia) a huge Indian tech news site! 2,000,000 monthly visitors, @BGR 11,650,000 monthly visitors! Hacked due to exposed s3 AWS bucket. Usernames, emails, passwords and more. Full SQL backup," tweeted Under the Breach.
BGR was yet to issue a statement on the report.
Advertisement
The experts from Under the Breach said that credentials were stored in hashed form, converted with a function in WordPress.
"In most cases, hackers pay to have the hashes cracked. On some specialised sites, this service is advertised at a reasonable price."
According to the hackers, the overall dump contains at least 36,000 emails and logins for other affected websites like tradinggame.au.com and S3 Production.
Experts from Under the Breach found 16 SQL dumps contained in a seven ZIP archive, said the report.
Advertisement
Launched in October 2006 in the US, Boy Genius Report is a popular destination for breaking consumer electronics news as well as exclusive early looks at unannounced products.It started off as a column written by Internet personality Jonathan Geller, who later converted it into a website.