Hacktivist group Anonymous on Monday announced that it had stolen more than 1,000 email credentials from employees at five multinational oil companies including Shell, Exxon and BP. The group then took those email credentials and dumped them online.
Also targeted in the attack were Russian oil firms Gazprom and Rosneft. Anonymous claims the attack was instituted because those firms are responsible for a bulk of the melting Arctic ice caps.
Included in the data dump were 317 emails and their MD5 hashed passwords which were grabbed during a previous hack in June. 26 emails dumped online also included clear text passwords.
The information collected during the most recent breach is encrypted and the information was posted online in the hopes that hacktivist members with some free time on their hands will crack the details and provide passwords for the email addresses.
The email addresses were used to add new signatures to the Save The Arctic and the hacker @le4ky admitted that the information fell into the hands of several phishing schemes.
The hack was completed from shell domains and sub-domains where technicians at the company used poor web management tools to protect user data. Based on the simple methodology used to grab the company’s information which required very little hacking expertise it is likely the oil company’s will work to better secure their web presence in the immediate future.
Hacking activities have picked up over the last week, in the last seven days data from Nvida, Formspring, Yahoo! Voices and Billabong have been posted online.