Search the Community

Contact information for staff members also posted online WASHINGTON (CNN) —The hacker who goes by "Guccifer 2.0" is claiming credit for the release of personal cell phone numbers and private email addresses of Democratic House members. The data -- posted to their WordPress blog on Friday night -- also contains the contact information for staff members and campaign aides. In the trove of information released on Friday "Guccifer 2.0" also uploaded files to the blog post that contains login information to subscription services used by the Democratic Congressional Campaign Committee, including Lexis-Nexis and Washington newspapers. In a statement, DCCC Press Secretary Meredith Kelly said: "As previously noted, the DCCC has been the target of a cybersecurity incident, and we are cooperating with federal law enforcement in their ongoing investigation. We are aware of reports that documents claimed to be from our network have been released and are investigating their authenticity." Rep. Adam Schiff of California, the ranking Democratic on the House Intelligence committee, suggested a law enforcement probe is necessary. "The unauthorized disclosure of people's personally identifiable information is never acceptable, and we can fully expect the authorities will be investigating the posting of this information," Schiff said. "I have every confidence that law enforcement will get to the bottom of this, and identify the responsible parties. And when they do, I hope the administration will disclose who is attempting to interfere with the American political process, and levy strong consequences against those responsible." In addition to lawmakers' personal information, the hacker uploaded documents analyzing candidates for Florida's 18th congressional district, and a fundraiser memo to House Minority Leader Nancy Pelosi about Morgan Carroll's congressional campaign in Colorado. The hacker wrote in the blog post, "It's time for new revelations now. All of you may have heard about the DCCC hack. As you see I wasn't wasting my time! It was even easier than in the case of the DNC breach." The person claiming to be Guccifer 2.0 earlier posted several documents on the Internet and sent them to media outlets including Gawker, portraying the documents as coming from the hack of the Democratic National Committee's files. The documents included a file about Republican nominee Donald Trump and what looked like memos about DNC operations. But the claims made by the "Guccifer 2.0" individual were viewed with a dose of skepticism by experts who have analyzed the events. There is no way to verify the identity of the individual known as Guccifer 2.0. The name is a reference to a Romanian hacker who pleaded guilty to hacking several prominent politicians and figures, including former Presidents George W. Bush and George H.W. Bush, who went online by Guccifer. So far the administration has not publicly identified who it believes may be behind the hack. However, intelligence and law enforcement officials have told CNN Russia is the most likely suspect. The hack of the DNC was originally discovered as being two separate breaches, both by hacking groups identified by cybersecurity experts as working for the Russian military and intelligence complex. One hack was said to have lasted a year and targeted internal communications, the other was for a few months and targeted opposition research on Donald Trump. Federal investigators had tried to warn the DNC months before, sources told CNN, but by the time the suspected Russian hackers were kicked out of the systems damage had been done: Nearly 20,000 emails between a handful of DNC officials were dumped on the web by WikiLeaks as the Democratic National Convention was kicking off. The emails showing opposition to Vermont Sen. Bernie Sanders during the primary led to the resignation of DNC Chairwoman Debbie Wasserman Schultz on the eve of the convention and departure of more party officials later. In July, WikiLeaks founder Julian Assange said he believed his group's release of hacked Democratic National Committee emails affected the 2016 election, adding the group is holding unreleased information about Hillary Clinton's presidential campaign. "We have more material related to the Hillary Clinton campaign," Assange told CNN's Anderson Cooper on "Anderson 360" on July 29. "That is correct to say that." On Saturday, Rep. Jason Chaffetz, chairman of the House Committee on Oversight and Government Reform, offered words of sympathy for House Democrats. "Russia-linked hacker leaks House Democrats' cell phones, emails http://www.politico.com/story/2016/08/house-democrats-hack-cell-phones-226979 ... So, so wrong. I hope authorities prosecute," tweeted the Utah Republican. On Thursday, Pelosi cited reports that the hack of the DNC was even broader than had been made public, labeling the episode an "electronic Watergate." "Let me just say this in terms of the presidential campaign: This is an electronic Watergate," Pelosi said. "This is a break-in." A US official this week confirmed a report -- first in the New York Times -- that the hack of the DNC was broader than had previously been known.

Anyone that is a member of HCS or any other VerticalScope website better change their password. But a further analysis of the leaked database, obtained by breach notification site LeakedSource.com, suggests that the scope of data may be greater than first thought. In a sample given to ZDNet, the database shows email addresses, passwords that were hashed and salted passwords with MD5 (an algorithm that nowadays is easy to crack), as well as a user's IP address (which in some cases can determine location), and the site that the record was taken from. LeakedSource confirmed the findings in a blog post, published Tuesday. The group said in its blog post that it was "likely that VerticalScope stored all of their data on interconnected or even the same servers as there is no other way to explain a theft on such a large scale." Three major social networks have quietly fallen victim to data breaches. Despite some success, patience and trust is now fading. Despite a push in recent years for stronger encryption and fixing security flaws, the forums thought to be affected by the breach fell far behind industry security norms. A cursory search of the list of domains caught up in the hack revealed that none of the sites we checked offered basic HTTPS website encryption, which would prevent usernames and passwords from being intercepted. Many of the forums ran versions of vBulletin software dating back to 2007. Most were running software versions that were easily exploitable by hackers with known vulnerabilities. A blog post from security reporter Brian Krebs from 2013 showed that older versions of the vBulletin forums that were vulnerable could be easily searched with readily-available attack tools. It's not clear who carried out the hack. A LeakedSource group member said it was "not related" to the recent hacks against MySpace, LinkedIn, and Tumblr. As of Tuesday, the company has not made any public statement in relation to the hack. Unlike in other recent other breaches, this data does not appear to be for sale on the dark web -- for now. http://www.zdnet.com/article/hacker-steals-45-million-accounts-from-hundreds-of-verticalscope-car-tech-sports-forums/