Notorious hackivist group Lulzsec has brought down Australian domain registrar and web hosts Distribute.IT and publicly published a list of 62,000 international email addresses and passwords.
The data files appear to be cobbled together from a variety of sources, but the Australian email details include a number from Australian universities and government departments including AusAID, the Victorian Department of Childhood and Early Education and several local councils in NSW and Victoria.
The Australian policy authority and industry self-regulatory body for the .au domain space, auDA, would not comment on the matter. The latest hack attack from LulzSec follows on from its CIA security violation yesterday.
Distribute.IT remains offline (at press time) after being initially attacked on Saturday. The immobilised company described the attack as “despicable” and is working with authorities providing usable information to locate the source.
“The extent of the attack is quite broad and recovery efforts have been underway since the Network was locked down Saturday evening (11/6/11). This attack was a deliberate aim at the Company and our clients,” the company said in a blog post.
The company is still attempting to restore services and has ceased providing any customer phone support due to the volume of service queries. It remains unclear how many customer details were compromised but initial estimates run into the thousands.
The latest update from DistributeIT stated that “engineers have confirmed that routing issues affecting some VDS clients have now been resolved and normal services returned to affected customers. Work is continuing on the recovery of the remaining shared servers, but we are still unable to provide any accurate indication of time for resolution on these.”
Meanwhile Lulzsec claims it hit 2000 downloads of their latest data heist before it was taken down. ®