July 22, 2011

LulzSec Claims Hack On News Corp Emails

Hacking group LulzSec claims to have 4 gigabytes worth of emails taken from an alleged hack on servers at News Corp., but said it won't make them public for fear of jeopardizing ongoing legal actions.

The hacktivists said they abandoned plans to release the emails, but will instead plan to release select batches of the emails via a "partnership" with select media outlets, an approach similar to that applied by WikiLeaks to its controversial US diplomatic cables and war document releases last year.

An expert in email security warned the Guardian that the hack itself could undermine ongoing legal cases.

An anonymous spokesperson for LulzSec, sending a tweet out to its 124,000 followers, said: "We think, actually we may not release emails from the Sun, simply because it may compromise the court case."

The Sun parent, News Corp., is at the center of a legal case that accused the news company of hiring hackers to break into cellphone voice mails of murder victims, celebrities and victims of the 9-11 attacks.

Possibly, because law enforcement stepped up its game in making arrests of alleged members of the notorious Anonymous hacking group, LulzSec indicated it had no plans to publicly post any of stolen emails, at least not at this time.

Doing so could further escalate the tabloid scandal, as well as the investigations surrounding News Corp. CEO Rupert Murdoch. The emails could shed light on whether News Corp. executives truly had no knowledge of the voice-mail snooping, as they claim, Josh Shaul, chief technical officer at Application Security, told USA Today.

LulzSec appears to have a "treasure trove of emails that could have a massive impact on the ongoing investigations of Rupert Murdoch's empire," said Shaul.

Security experts believe fear of being arrested was the most likely reason why LulzSec chose not to make the emails public.

With the continuing global spotlight on News Corp., it is unlikely that hacktivists will steer clear of the corporation for long, Kurt Baumgartner, senior researcher at Kaspersky Lab told USA Today. "It's quite possible that more hacktivists will target related Web properties and resources," he said.

As more information comes out on the extent of News Corp.'s potential hacking for business practices, it is likely more hacktivists will head back into action. "This all proves that the corporate world has underinvested and underperformed on security," Shaul told USA Today. "Enterprises and governments are just not protecting data right now."

Earlier this week, LulzSec members ended a self-imposed hiatus to crack into News Corp., and redirect visitors to The Sun's website to a faked report about Rupert Murdoch's death.

Also, some accounts belonging to Anonymous began tweeting email addresses and passwords for staff at News International, including what seemed to be an email account and password for Rebekah Brooks under her previous married name of Wade while at The Sun.

News International reacted by closing down all external access to its web mail systems and forcing users to reset their passwords.

Contacts within Anonymous have told The Guardian that News International's email systems were being probed last week and that downloads were being made then.

And LulzSec says it would seek to release extracts of the emails it collected through media outlets.

"We're currently working with certain media outlets who have been granted exclusive access to some of the News of the World emails we have," said a tweet from the official @LulzSec feed.

The names of the "media outlets" concerned have yet to be revealed.


On the Net: