LulzSec: UK Census Data Breached, Member Arrested

Tuesday, June 21, 2011



UPDATE:  "Hacking collective LulzSec has set its sights on banks as part of a new campaign, dubbed Operation Anti-Security. Meanwhile, the group has cast doubt on claims that a teenager arrested by UK police today is its "glorious leader" and denied hacking the country's census database..." (Finextra)

*   *   *

A message posted on Pastebin last Friday purported to be from the hacker collective Lulzsec vowed that the group would continue committing network intrusions "until we're brought to justice".

For 19-year-old U.K. resident Ryan Cleary, that day may have come much sooner than anticipated. Reports indicate that Cleary was arrested after a joint investigation by Scotland Yard and the FBI.

LulzSec is reported to have conducted a successful attacks against the Central Intelligence Agency, the U.S. Senate website, PBS, as well as networks belonging to the Atlanta chapter of FBI affiliate InfraGard. LulzSec also claims to have also hacked Sony Pictures, Sony Entertainment and Sony BMG, among others.

Cleary could face extradition to the United States to face federal charges under the Computer Misuse Act and Fraud Act.

News of the arrest coincides with another message posted on Pastebin that is also thought to be from the hacker collective which indicates the group may have breached a system containing British census data.

The message states:

Greetings Internets,

We have blissfully obtained records of every single citizen who gave their records to the security-illiterate UK government for the 2011 census

We’re keeping them under lock and key though… so don’t worry about your privacy (…until we finish re-formatting them for release)

Myself and the rest of my Lulz shipmates will then embark upon a trip to ThePirateBay with our beautiful records for your viewing pleasure!

Ahoy! Bwahahaha… >:]

Given LulzSec's high profile and the difficulty in confirming the source of anonymous Pastebin postings, many security experts are reluctant to believe the U.K. census data breach story until futher proof is offered.

Sophos' Graham Cluley tweeted, "Here at Sophos we're assuming the LulzSec/UK census story *isn't* true until we see more evidence than that Pastebin url. Fingers crossed."

Officials at the U.K.'s Office of National Statistics indicated they are looking into the matter, but stated they “weren’t aware of the issue” regarding a breach of the agency's systems.

Possibly Related Articles:
arrests FBI Headlines Hacktivist hackers United Kingdom Lulzsec Census Data Scotland Yard Ryan Cleary
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.