LulzSec hacks CSS Corp

Lulz Security (LulzSec), a hacktivist group loosely associated with the hacktivist group Anonymous, returned last night after disbanding back in June 2011. Their first target was Military Singles, a dating website which the group hacked and from which it subsequently exposed 170,937 accounts. Soon after, the group targeted communications technology firm CSS Corp, and publicly posted the company's entire e-mail database (66 files in total).

Here's what the group wrote on PasteBin:

http://csscorp.com/ - Global Information & Communication Technology Service Data base dumped: Whole database:http://www.embedupload.com/?d=4DLXN2QXWG

Some of the users: Email,FirstName,LastName,Password,Phone,UID,Username "kuruvilla.mathew@csscorp.com","Kuruvilla","Mathew","[redacted]","9940146066","9","kuruvilla.mathew" "subbiah.pradeep@csscorp.com","Subbiah","Pradeep","[redacted]","NULL","8","subbiah.pradeep" "joseph.abraham@csscorp.com","Joseph","Abraham","[redacted]","9952051332","7","joseph.abraham" "Subhashini.V@readytestgo.com","Subhashini","V","[redacted]","91 44 66546083","5","subhashini.v" "ganesamoorthi.dhayalan@csscorp.com","ganesh","dhayalan","[redacted]","9884967211","6","ganesh" "ravindran.viswanathan@cybernetsoft.com","Ravindran","Viswanathan","[redacted]","NULL","4","ravindran.viswanathan" "ravin.carr@cybernetsoft.com","Ravin","Carr","[redacted]","NULL","3","ravin.carr" "irfan.shariff@csscorp.com","Irfan","Shariff","[redacted]","NULL","2","irfan.shariff" "anindabasu@gmail.com","Aninda","Basu","[redacted]","919886677363","1","aninda.basu"

Here's what the group tweeted via the Twitter account lulzboatR, which now has over 1,000 followers (yes, one tweet went out twice, two hours apart):

http://csscorp.com/ - Global Information & Communication Technology Service Hacked teh sailin continues! http://pastebin.com/GJgLRWHn and admins from csscorp I know that you are smarter then the others please don't search for proof we will delete your whole database... #CSS http://csscorp.com/ - Global Information & Communication Technology Service Hacked teh sailin continues! http://pastebin.com/GJgLRWHn

As I wrote last night, it's still not clear if LulzSec plans to go on another 50-day hacking spree like the first time. This second hack, however, shows pretty clearly the group didn't hack Military Singles just to show they're still around. While this new LulzSec isn't exactly like the first group, it is definitely doing everything in the spirit of its predecessor.

There are likely more hacks to come, but there's no way to know how much more. Less than an hour ago, the group tweeted "Join http://irc.anonops.com chan -> #LulzSecReborn." Something tells me we can expect a lot more lulz in the next few days.

See also:

• LulzSec hacks Military Singles
• Anonymous: LulzSec returns on April Fools' Day?
• Anonymous hacks Panda Security in response to LulzSec arrests
• LulzSec mastermind helps FBI arrest notorious hacktivists
• LulzSec hackers 'brought down' by own leader
• LulzSec disbands: Final cache includes AT&T internal data and 750,000 user accounts