Hacktivist campaigners Team GhostShell claim to have stolen accounts from a number of organisations including NASA, ESA, the Pentagon and the Federal Reserve.
In "#ProjectWhiteFox", what the team says will be their last project for the year, the hackers appear to have targeted and stolen database records from companies and organizations including NASA, Bigelow Aerospace, Aerospace Suppliers, World Airport Transfers, the Credit Union National Association (CUNA) and a defense contractor for the Pentagon.
The team claims that the latest campaign has resulted in the leak of 1.6 million accounts and records from different industry players.
The file dump, upon closer inspection, seems to include a number of records obtained via SQL injection. A random selection of the files contain email and home addresses, defense material tests and analysis notes, mailing lists, passwords and names. In addition, some file dumps also include administrator email addresses and accompanying passwords, telephone numbers, hashed passwords and database details of company suppliers in the aerospace and oil industries.
A file titled "NASA's Engineers: Center for Advanced Engineering" contains email addresses, member names, and what appears to be the passwords of several users.
Team GhostShell writes that it has sent a number of emails detailing security failures to figures based at organizations including the Homeland Security Information Network, the FBI, Flashpoint and a partner of NASA, commenting:
"Forgot to mention that the email will also contain another 150 vulnerable servers from the Pentagon, NASA, DHS, Federal Reserve, Intelligence firms, L-3 CyberSecurity, JAXA, etc. consider it an early Christmas present from us)."
Team GhostShell is loosely linked to hacktivist collective Anonymous, who have begun a new campaign called #OpWCIT, based around the World Conference on International Telecommunications (recent blog post, Anonymous outlines its opinion on Internet regulation and censorship, urging those online to sign a number of petitions and prevent "the balance of the Internet being upset."). In a
Team GhostShell has been connected to a number of high-profile campaigns in 2012. In recent months, the collective has claimed responsibility for leaking, as well as the release of originating from the Russian government.