Thai Travel Center Hacked, 1400 user credentials leaked

ttclogo

Hacker collective Grey Security, @Gsec_ yesterday released a dump of accounts from the Thai Travel Center website (http://www.thaitravelcenter.com) which hosts a bunch of services and information aimed at helping out people who are travelling around Thailand.

The leak has been announced on twitter and posted to pastebin.

Grey Security ‏@gsec_

Thai Travel Center #OWNED – http://pastebin.com/FFUEQshh  –#ForTehLulz? #GSecsBackBitch. @TruthIzSexy @Cyber_War_News@An0nPun1shm3nt

the leaked data contains 3 different lots of account data, one lot belongs to  the staff and contains usernames, emails and a very common password “3088333” which appears to be the same for most staff accounts.

Other data leaked is a list of 1400 user credentials for the sites login which contain usernames, emails and clear text passwords. the leak also has a few SMTP account details which also use the same password as the staff accounts.

So as we can see this website has not attempted to implement any security what so ever and its no great surprise they have fallen victim to hackers.

http://ozdc.net/archives.php?aid=4239

http://pastebin.com/FFUEQshh


Posted in Head Lines Leaks