Hackers claim China Telecom breach

Hacker group Swagg Security reveals it broke into Chinese telco's vulnerable SQL server and published stolen administrator passwords online. It also hacked into Warner Bros' intranet.

A hacker group, Swagg Security, claims it has breached China Telecom's backend system and published over 900 login details of its administrators. Warner Bros was also a victim as its intranet system was broken into.

According to a message posted on information-sharing Web site, pastebin, on Monday, the hacker group said it had been downloading the information from the Chinese telco's SQL server, which it described as one with "extremely low processing capacity", for about a month. Even though Swagg Security caused several instances of distributed denial of service (DDoS) while downloading the information, the IT department at China Telecom "thought nothing of it" and only moved its SQL server after realizing it had been hacked.

However, China Telecom's IT administrators did not change their passwords, and the hackers claimed that "we could have and still could destroy its communication infrastructure leaving millions without communication". The group has posted the login details for over 900 admin users for China Telecom and encouraged users to "access and tamper with [its] data".

China Telecom did not respond to ZDNet Asia's enquiry on the breach.

In the same note, Swagg Security also mentioned it had hacked into Warner Bros' intranet and found its IT department's "well documented confidential data about 'critical vulnerabilities' in its servers and sites".

The hackers added that while the company's IT staff discovered the breach, they "don' give a shit" and warned the company it might publish a much larger leak besides the vulnerabilities inherent in its IT systems in the future.