Sun Readers’ Data Leaked Online

SecurityWorkspace

The Sun has admitted it may have lost thousands of readers’ personal information in July hack-attack

The Sun is warning thousands of readers who entered internet competitions their personal details may have been stolen in the hacking attack on 19 July.

An email to readers last night said no financial or password information was compromised but name, address, email, date of birth and phone numbers might have been.

Lulzsec and Anonymous claimed responsibility for the July attack, which redirected visitors to a hoax story about Rupert Murdoch’s death.

But a hacker calling themselves Batteye yesterday denied he was a member of either group as he released what was claimed to be data stolen from The Sun.

His Twitter account tweeted: “I’m not really with Anonymous, but then again I sort of am, aren’t I?”

Miss-ing data

The data purports to include people who registered as having been bullied at school and applicants for the Miss Scotland competition.

Chris Duncan, director of customer management at News International wrote to readers saying it regretted the incident and was working with the Information Commissioner and police to retrieve the data.

He also advised people to be wary of contact from unknown third parties.

“On the 19 July The Sun website was subject to an organised criminal attack,” he wrote. “We are contacting you because we believe that information that you submitted to us could have been accessed, and may be published online by the group responsible.”

Disinformation

The denials from ‘Batteye’ seem to run counter to the events surrounding the July attack.

When the original attack eventually crashed the website hosting the spoof Murdoch story, visitors were then taken to Lulzsec’s Twitter feed.

Here, they were greeted by the message: “TheSun.co.uk now redirects to our Twitter feed. Hello, everyone that wanted to visit The Sun! How is your day? Good? Good!”

Lulzsec and Anonymous boasted about the attack and days later claimed to be negotiating with national media outlets about releasing stolen data.

Lulzsec’s ‘spokesman’

Jake Davis, 18 and from the Shetland Isles, was arrested last week and charged in connection with hacking attacks against SOCA and News international, each claimed by Lulzsec.

He is alleged by authorities to be Topiary, the Lulzsec spokesman interviewed in the media and responsible for the group’s Twitter feed. He was released on bail yesterday to return to court on 30 August.

Lulzsec said it had disbanded the ‘Lulz boat’ and sailed off into the sunset on 26 June but resurfaced for The Sun hack, unable to resist sticking its oar into the phone hacking scandal engulfing News International.

Lulzsec’s Twitter feed, its platform for announcing attacks and taunting victims, has been quiet since 27 July.

Read also :