Break Down of Information from City of Lansing by Turkish Ajan

city-of-lansing-michiganrelated article In the leaked files contains a wide range of personal information from people who have registered with the site. The personal information found in the leak has been broken down into sections below as to where it was found and what exactly was found. Folder: bike File: poc.xmls Found: 1782  usernames, passwords, email addresses and genders. Passwords are not encrypted and some examples are "letmein, fakepass, password" Folder: emscert File: emscert_points.xmls Found: 2 Administrator names, clear text passwords and other information. Folder: emscooling File: emscooling_points.xmls Found: 2 Administrator names, clear text passwords and other information Folder: epa File: users.xmls Found: 27 Administrator accounts with system name, admin name, email addresses, mix of encrypted and clear text passwords. Emails not only belong to the main City of Lansing domain but also a domain of which appears to be in control of its main site, spartaninternet.com and a single education one msu.edu. Folder: hrcs_diversityconf File: poc.xmls Found: 67 Credentials from education, business and alike with full names, locations, addresses, contact numbers, numeric based passwords and email addresses. Folder: ledc File: spartan_users.xmls Found: 17 Administrator accounts with usernames, email addresses and encrypted passwords. Folder: ledc File:  spartan_userinfo Found: 8 credentials that belong to the administrators from the spartan_users file. these contain names, addresses and contacts. Folder: listserv File: listserv_users.xmls Found: 18 Administrator accounts with user names, full names, email addresses, clear text passwords. Folder: listserv File: listserv_users.xmls Found: 7028 email addresses registered with the site. Folder: maintenance_activities File: poc.xmls Found: full names, user names. email addresses and clear text passwords. Folder: mysql File: user.xmls Found: 14 mysql server administrator details, user names and encrypted passwords. Folder: newsevents File: poc.xmls Found: 48 Administrator accounts with full names, user names, email addresses. clear text passwords. Folder: traffic_calming File: users.xmls Found: 2 administrator accounts with user names and clear text passwords. From going over all these files i have determined that a lot of the administrator accounts appear to be related to the sites emailing system as well as some from Michigan State University (msu.edu) and some from Spartan Internet Services (https://www.spartaninternet.com/) which appear to be the ones who have setup this system which is built on phpnuke, bbgroup and other well known open source platforms which are well known to be exploitable, outdated and as we have seen store information in clear text.

Lee Johnstone

Lee Johnstone

Information Security Data Analyst, Investigative Journalist, Technology Lover, Mechanic.

Read More