Australian Broadcasting Corporation confirms hack

Australian Broadcasting Corporation confirms hack

Summary: A hacker has claimed to have dumped information from an ABC subdomain in retaliation for the media outlet providing an anti-Islamic MP with air time on its Lateline show.


A hacker going by the handle "Phr0zenMyst" has claimed to have hacked a subdomain belonging to the Australian Broadcasting Corporation (ABC), leaking the details of its users.

The hacker but did not disclose which subdomain it claims to have breached, but has published a database dump of users on the site. Information includes the names, ages, email addresses, hashed passwords, Australian hometowns, genders, and IP addresses of users. In some cases, the latitude and longitude details have also been provided.

ZDNet found that these coordinates are primarily based in Australia, further pointing to the local origin of the database, but are only accurate to about 10km in many instances. Many of the email addresses also use Australian internet service providers (ISPs).

On the morning of the incident, ABC head of Corporate Communications for ABC Corporate Affairs Sally Cray told 774 ABC Melbourne that it is aware of reports on the attack, but could not confirm whether an actual attack had taken place.

"We don't want to alarm anybody. We just want to look into the matter fully before we realise what's gone on," Cray told 774 ABC Melbourne.

The motive behind the attack appears to be retaliation for providing Dutch MP Geert Wilders with a 20-minute slot on ABC's Lateline. Wilders is known for his anti-immigration and anti-Islam stance, a view that has prompted Anonymous to begin a campaign against Wilders known as #opWilders.

Later in the day, ABC confirmed in a statement that it had in fact been subject to a breach of a subdomain for its Making Australia Happy television program in 2010.

"At this stage, we are still investigating the details of the breach. However, we do know that it has exposed the name, username, and a hashed version of the password that audience members used to register on the program website. As soon as the ABC was made aware of this activity, the site was shut down," the statement said.

The website in question is currently offline.

"This breach originated at an overseas location, and an activist has claimed responsibility for it.

"The ABC will be in contact with audience members who have been directly affected."

Updated Wednesday, February 27, 2012 at 2.24pm AEDST: Added confirmation from ABC.

Topics: Security, Government, Government AU

Michael Lee

About Michael Lee

A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • What an idiotic

    thing to do. If the hacker bothered watching the interview, the ABC roasted Geert alive and exposed him for the hypocritical fool he is. It was hardly a Today Tonight style lets-pretend-to-be-neutral-but-give-xenophobes-their-daily-sustenance-for-their-ratings type of deal, but good reporting that informed the public. ABC made sure Geert hung himself with his own rope, and only a long racist moron lacking in any critical thinking skills would have thought otherwise.

    Why doesn't someone trace who and where a hacker such as “Phr0zenMyst” is, based on where their Twitter tweets are being posted from? (Phr0zenMyst regularly tweets about which sites they have hacked). Is this something very difficult to do? I, a non-techie if there ever was one, have been wondering about this conundrum, and also about riddles such as how al-Qaeda manages to regularly publish online magazines without the CIA, MI6 etc being able to geographically trace the people uploading the material. Seems pretty dumb to me that they aren't able to do this.
    • It all depends

      Hackers are generally not easy to trace (compared to average computer users), but it depends on how well they cover their tracks.

      Technologies such as encryption, VPN tunnelling (used to establish a secure connection between a host and an external network), proxy servers (used as a mask or filter between your computer and the Internet), and even software like Tor are utilised to try to mask the user's origin. Also, with the utilisation of public Wi-Fi, means that you can drive out of town, do your thing, and leave before being traced.

      These are generally well-known in security circles on both sides of the fence (hackers and network security alike). But the technologies are always changing, and the ability to monitor EVERYTHING is... difficult, to say the least.
      • And it gets worse...

        Asides from the technical reasons dmh_paul has mentioned, there's also the fact that law enforcement organisations are often bound by jurisdiction. In some cases, law enforcement may know the physical whereabouts of a perpetrator, but the local (for the perpetrator) authorities don't want to or can't get involved.

        It doesn't always happen -- there are some great cases of international collaboration nabbing the bad guys -- but it certainly makes it harder.

        Michael Lee (Mukimu)