Hacktivists Take Aim At Olympics Broadcast Service
Broadcasts and images of Games left intact, but employee contact information apparently breached.
While Olympians were vying for track-and-field medals in Rio de Janeiro last week, Brazilian hacktivist group AnonOpsBR was trying to secure its own victory. Last week on its Twitter profile (@anonopsbrazil), the group posted a Pastebin link to an apparent dump of employee contact data stolen from the Olympic Broadcasting Service (OBS).
OBS is the arm of the International Olympic Committee responsible for distributing official images of the Games. The attack may have been in response to the collapse of an OBS video camera Aug. 15 that injured bystanders in the Olympic Park, according to researchers at Tempest Threat Intelligence.
According to Tempest, the data dump did appear to include OBS employees' and freelancers' legitimate names, job titles, email addresses, and both mobile phone and landline numbers. "The data dump also contained some links to potentially sensitive PDF documents supposedly stored on the company's main website," said Tempest in a blog. The site was temporarily taken offline, "probably by the company itself," not attackers.
The compromise did not affect image generation or broadcast of the Olympic Games, say Tempest researchers, because the IT environment for OBS's field operations were segregated from its web presence. They believe the compromise was achieved via a SQL injection on the website, but this was unconfirmed.
About the Author
You May Also Like
Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024The Unreasonable Effectiveness of Inside Out Attack Surface Management
Dec 4, 2024