More than 1,000 email credentials from five multinational oil industry companies, including Shell and Exxon and BP, has been dumped online by hackers associated with the Anonymous movement.
The hackers targeted the three giants alongside Russian oil firms Gazprom and Rosneft, each of which is accused of melting the Arctic ice caps. The data dump includes 317 emails and their MD5 hashed passwords from a hack in June, and a further 724 emails and hashed passwords and 26 emails with clear text passwords which were added yesterday, as NovaInfosec.com explains.
Although most of the information is encrypted, it has been posted online in the hope that volunteers and hobbyists will help crack the details and provide passwords for the email addresses.
So far, the data has not been used maliciously. Employee details were used to add some rather ironic new signatures to the Save The Arctic petition while the hacker, ‘@le4ky‘, admits that the first set of data fell into the hands of phishing schemes.
The details were grabbed from shell domains and other sub-domains where it was reportedly available due to poor website management. Though data was not taken through an outright hack, it highlights the potential issues that ‘data trails’ can cause when weak points in the chain allow information to fall into the wrong hands.
We’ve deliberately kept the specific links leading to the data dump out of this article, and have contacted the companies involved for comment.
Image via Flickr / Kristopher Edwin