Once again the Australian government has been hacked and as a. result. data was leaked which has exposed the fact that the administration have been setting and using passwords that could be guessed by anyone.
The attack which was carried out by @Venomsec had targeted an Canberra based website for victim support (victimsupport.act.gov.au).
Victim Support ACT is a service that can help victims of crime to cope with the impact of what has happened, and can help them access their rights and entitlements.
Victim Support ACT has two main services. The Victims Services Scheme (VSS) provides support, counselling and other services. The Justice Advocacy Unit (JAU) will help with information, advocacy and assistance with the criminal justice system, your rights and entitlements.
The attacked originally happened a few days ago and Google and pastebin had removed all traces of it before anyone had really seen it. We asked @VenomSec for a copy fo this leak and as a result we have discovered that the Australian government is allowing its workers who control websites to use passwords such as “test123” or “l3tm31n“(let me in) which are both commonly used within password lists for brutt forcing.
As well as the weak passwords its come to light that they store them in plain text, so if what has happened happens it means that anyone that views this leak will be able to see the full login credentials of the websites administration.
The contained only a 3 administration accounts but once again this just raises so many questions for the Australian government as how this website was allowed to be setup the way it is.
At time of publishing the website appeared to be offline.