LG has suffered yet another blow and this time the hacker who is apart of Turkish Ajan Hacker Group, @Maxn3y who contact us with two breaches that have been carried out on the Hungarian based LG mobile subdomain and on subdomain of the Korean site. The breach has also resulted in one of the sites being defaced which appears to be restored now. Over the past few Maxney has been hitting a lot of high profile targets and this just adds another one to the list.
The data leaked from the Hungary site contains administrator credentials that have encrypted passwords as well as 1300+ user credentials that contain user names, locations, logins, emails and encrypted passwords. Target: https://lgmobile-webaruhaz.lg.hu/ Paste: https://pastebin.com/B95Ee6Um Stats: https://ozdc.net/archives.php?aid=4010
This was a mix from a few different domains with over 2000 duplicate emails and only 284 are not. Account and credentials vary. Target: 1. https://www.lgeri.com/
Paste: https://pastebin.com/k60CM5Qy Stats: https://ozdc.net/archives.php?aid=4009 Just last week on the 5th LG Smart world got breached and over 11,000 accounts got leaked. It would seem that even tho lifes good at LG it appears they need to work on security.