A HACKER from the Anonymous ‘hacktivist’ movement has accessed website passwords of a number of government employees and officials, and posted them online this evening.
Anonymous: Government website passwords obtained by Anonymous hacker
A user posted the details in an online chat room used by the collective for its ‘#OpIreland’ campaign, which targets the websites of Irish governmental agencies in protest at government plans to introduce new legislation reinforcing the rights of copyright holders in the sharing of online materials.
The passwords were then widely disseminated on Twitter through an account used by the Swedish arm of the international movement.
Subsequent tweets from the Swedish account specifically referenced Seán Sherlock, the junior minister behind the plans for the new legislation, urging him to “hear the good people of Ireland or expect us!”
The distributed data showed what appeared to be the passwords for 19 user accounts, 17 of which belong to the Department of Foreign Affairs, used by staff in the Department to edit the website for Irish Aid, the government’s overseas development programme.
The other two accounts appeared to belong to staff at Arekibo, a digital media company credited as having designed the site.
The chat room used by Anonymous later identified the website of the Labour party, of which Sherlock is a member, as another target. It is understood that access to the site was disrupted for periods overnight as a result of that attack, though the site itself was not compromised.
A spokeswoman for the Department of Foreign Affairs said there had been “some unusual activity” on the Irish Aid site, which has since between taken offline by the Department and remains inaccessible this lunchtime.
“We are aware of website user login information being posted online,” the spokeswoman said. “The website server has been taken offline as a precautionary measure and the matter is being investigated by our IT specialists.
“This is an external service and is separate to the internal Department servers; these have not been affected.”
The attack follows earlier activity by Anonymous, which had previously engineered attacks on Sherlock’s own personal website, as well as those of the Departments of Finance and Justice.
Those websites were the subject of DDoS attacks, where websites are deliberately flooded with traffic in order to make them inaccessible, almost exactly a week ago. On that occasion, however, no sensitive data was thought to have been compromised.
Sherlock yesterday told a Dáil discussion on his plans that he would not be changing the proposed wording of his statutory instrument, despite the fears of opposition TDs and businesses that its current format could allow the courts to grant injunctions blocking access to major websites like YouTube or Facebook.
An online petition against the legislation, launched nine days ago, had attracted just under 80,000 signatures at the time of publication.