[funsec] Bill O'Reilly Website Hacked
Richard M. Smith
rms at computerbytesman.com
Fri Sep 19 19:26:16 CDT 2008
Will Mr. O'Reilly be notifying all of his subscribes of the breach? He
might also want to point out that if someone has used the same password at
BillOReilly.com and their email account, then the bad guys can potentially
break into a lot of other Web site accounts.
From: funsec-bounces at linuxbox.org [mailto:funsec-bounces at linuxbox.org] On
Behalf Of Paul Ferguson
Sent: Friday, September 19, 2008 8:11 PM
To: funsec at linuxbox.org
Subject: [funsec] Bill O'Reilly Website Hacked
-----BEGIN PGP SIGNED MESSAGE-----
Wikileaks has been informed the hack was a response to the pundit's recent
scurrilous attacks over the Sarah Palin's email story--including on
Wikileaks and other members of the press. Hacktivists, thumbing their noses
at the pundit, took control of O'Reilly's main site, BillOReilly.com.
According to our source, the security protecting O'Reilly's site and
subscribers was "non-existent".
[...] image[s], submitted to Wikileaks and confirmed by Wikileaks staff,
offers proof of the hack. The image, clearly obtained from BillOreilly.com's
administrative interface, shows a detailled list -- including passwords --
of BillOreilly.com subscribers. Although Wikileaks has only released one
page, it must be assumed that Bill O'Reilly's entire subscriber list is, as
of now, in the public domain.
This could get interesting...
- - ferg
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)
-----END PGP SIGNATURE-----
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's
tech blog: http://fergdawg.blogspot.com/
Fun and Misc security discussion for OT posts.
Note: funsec is a public and open mailing list.
More information about the funsec