[funsec] Bill O'Reilly Website Hacked

Richard M. Smith rms at computerbytesman.com
Fri Sep 19 19:26:16 CDT 2008

Will Mr. O'Reilly be notifying all of his subscribes of the breach?  He
might also want to point out that if someone has used the same password at
BillOReilly.com and their email account, then the bad guys can potentially
break into a lot of other Web site accounts.


-----Original Message-----
From: funsec-bounces at linuxbox.org [mailto:funsec-bounces at linuxbox.org] On
Behalf Of Paul Ferguson
Sent: Friday, September 19, 2008 8:11 PM
To: funsec at linuxbox.org
Subject: [funsec] Bill O'Reilly Website Hacked

Hash: SHA1

Via Wikileaks.org.


Wikileaks has been informed the hack was a response to the pundit's recent
scurrilous attacks over the Sarah Palin's email story--including on
Wikileaks and other members of the press. Hacktivists, thumbing their noses
at the pundit, took control of O'Reilly's main site, BillOReilly.com.
According to our source, the security protecting O'Reilly's site and
subscribers was "non-existent".

[...] image[s], submitted to Wikileaks and confirmed by Wikileaks staff,
offers proof of the hack. The image, clearly obtained from BillOreilly.com's
administrative interface, shows a detailled list -- including passwords --
of BillOreilly.com subscribers. Although Wikileaks has only released one
page, it must be assumed that Bill O'Reilly's entire subscriber list is, as
of now, in the public domain.



This could get interesting...

- - ferg

Version: PGP Desktop 9.6.3 (Build 3017)


"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet  fergdawg(at)netzero.net  ferg's
tech blog: http://fergdawg.blogspot.com/

Fun and Misc security discussion for OT posts.
Note: funsec is a public and open mailing list.

More information about the funsec mailing list