Earlier this week, the xl3gi0n hackers group breached one of NASA's subdomains and compromised their database server. They posted their stolen data which includes emails, names, hashes, and passwords to pastebin. The pastebin link can be found here.

Also this week, the xl3gi0n group claim they breached databases for ten government sites. They've dumped the database information, which comes from websites from multiple countries, to another pastebin link which can be found here. Countries affected by this are Ukraine, Italy, China, and Nigeria. The information obtained includes: usernames, password hashes, emails, and some plaintext passwords.

Both of the above exploits are part of a operation called OpLeak. The intent behind this operation is to leak database info from more than 1000 databases in order to demonstrate that better security awareness is needed.

More recently, the xl3gi0n hackers group recently discovered a SQL injection vulnerability in Sony's French website, sony.fr.

The link, http://www.csl.sony.fr/~pachet/markov_applet_style/get_lyrics.php?auth=10,000 Maniacs&id=1 was found to be vulnerable to this injection, however this page has since been taken offline.


The hackers has stated that they reported the vulnerability to Sony and received a reward.

Sony Hack