Download our in-depth report: The Ultimate Guide to IT Security Vendors
The hackers first published data stolen from each site on Pastebin, but when the site removed the posts, they tweeted, "@Pastebin thanks for deleting our pastes. We went ahead and re-pasted them on HackersBin."
From The West Australian, which the hackers say they breached via SQL injection, they published server and domain information, including 42 user names and encrypted passwords, and stated, "we root the entire box, then we get into all the hosted domains namely Southern Computer Company, after that we get into SCC client base and f**k around with their client computers which are running remote services on Windows machines; and some of these clients are AU Government."
From Loretto Telecom, the hackers published 1,454 e-mail addresses, user names and clear text passwords. "We worked together quite quickly when we exploited and got root to this box," the hackers wrote. "After we got axx we plundered all of the accounts for tens of thousands of digital monies ($) ... Why ? For monies, data and Lulz of course."https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
Similarly from Mound Telecom, which the hackers claim to have breached via SQL injection, they published more than 600 e-mail addresses and user names, along with over 200 matching passwords in clear text, and stated, "We recently breached Mound Telecommunications and once we got root we plundered all of the accounts and then we purchased tens of thousands of dollars worth of BTC and LTC. Many bank accounts were also completely penetrated and we still have access to these accounts."