German Interior minister's website pwned in wiretap protest
Lax password security allowed hackers to bust into the German interior minister’s website.
Hacktivists pwned the website of Wolfgang Schäuble on Tuesday in protest against new wiretapping and data retention laws They posted links inviting visitors to a protest website "Vorratsdatenspeicherung".
Administrators reacted quickly to the hack by taking the site, www.wolfgang-schaeuble.de, offline. It remains inaccessible on Wednesday afternoon.
Early reports in the German media suggested that security flaws involving the Typo3 content management system used by the site might be behind the hack.
Later reports suggest that hackers were able to gain control over the site after breaking into it using a dictionary attack that revealed the password for the Typo3 CMS was "gewinner" (or winner in English).
Wolfgang Schäuble is no stranger to the attentions of hackers. Last March the Chaos Computer Club published Schäuble's fingerprints in a protest against the reliance on biometrics in electronic passports. ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Trusted Platform Module
- Zero trust