Original URL: https://www.theregister.com/2011/10/09/unijobs_hacked_by_jerks/

Oz employment site suffers script kiddie attack

The usual outcome: user details on Pastebin

By Richard Chirgwin

Posted in Security, 9th October 2011 23:30 GMT

A group with the Twitter handle @BlackHatGhosts says it is behind breaking into the systems of Australian educational sector employment site Unijobs, posting the usernames and passwords of around 600 users on Pastebin.

First reported at The Conversation, the break-in follows the now-boring pattern of picking a small, softish target of no particular ideological value, punishing its users by publishing their details, and swaggering at the blow struck against heaven-knows-what imaginary enemy.

The site is operated by an Australian organization, the CBT Corp Unit Trust, a busy organization in operating small Web operations. Some are similar to Unijobs – Jobs4nurses.com.au, Govjobs.com.au, Tafejobs.com.au, WorldUniversityJobs.com, and Unijobs.co.nz – while others spread the organisation’s resources into other specalities such as the horse set (Equine.com.au), and a fledgling shopping app (I-shop.com.au).

Given the number of properties operated by the company, The Register contacted Unijobs to ascertain whether the attack would require upgrades or patches to any of its other properties. At the time of writing, no response has been received.

It should be noted that if Unijobs’ claims about its 40,000 user base are accurate, then the attack only affected a small number of its subscribers. &reg