NullCrew Hackers Hit University of Minnesota

Members of NullCrew recently leveraged a SQL injection vulnerability to breach the Web site for the University of Minnesota School of Public Health’s Division of Epidemiology & Community Health, and published user data online.

The data, published on Pastebin, isn’t particularly sensitive — it includes 17 professors’ names, along with some matching department names, addresses, e-mail addresses and/or phone numbers.

No reason was given for the attack, though the hackers noted in a statement preceding the data, “We are not @OfficialNull the official account of NullCrew is @NullCrew_FTP.”

Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Related articles