According to a recently published torrent file, the latest victim of the Anonymous movement is the military contractor Booz Allen Hamilton. Hacktivists from the movement have published over 90,000 miitary emails and password hashes belonging to military and government representatives:
We infiltrated a server on their network that basically had no security measures in place. We were able to run our own application, which turned out to be a shell and began plundering some booty. Most shiny is probably a list of roughly 90,000 military emails and password hashes (md5, non-salted of course!).
We also added the complete sqldump, compressed ~50mb, for a good measure.We also were able to access their svn, grabbing 4gb of source code. But this was deemed insignificant and a waste of valuable space, so we merely grabbed it, and wiped it from their system. Additionally we found some related datas on different servers we got access toafter finding credentials in the Booz Allen System. We added anything which could be interesting.
Anonymous have also included a penetration testing invoice in the torrent's release notes, emphasizing on the security practices applied to the hacked network.
Although the leak is embarrassing for Booz Allen Hamilton, the post-hack effect could easily set up the foundations for successful spear phishing attacks targeting unpublished U.S military and government emails.
The Anonymous community is thriving. Who's next on their targets list?