A new Anonymous-styled hacktivist group, SpexSecurity, has surfaced and then vanished, but not before allegedly siphoning the personal information of over 100,000 residents of a Tennessee town, including individuals’ e-mail passwords, social security numbers and birth dates.
Details of the hack were published yesterday on Pastebin. They include personally identifiable information on 14,525 residents of Clarksville, Tennessee, including former and current students and employees from the Clarksville-Montgomery County (CMCSS) School System. The hacking group claims to have information on 110,000 individuals. That data includes victims’ names, passwords, Social Security numbers, and birthdates, according to a report in The Leaf-Chronicle, a Clarksville-based newspaper.
Little is known about SpexSecurity’s membership or motives. In public statements and Twitter messages attributed to the group, CMCSS is blamed for inciting the hack by not patching its computer systems. The US Government is another target of Spex’s wrath, along with “anybody else who partook a role (sp) in the Murder of America.” According to an interview one of the group’s hackers did with culture magazine Death and Taxes, SpexSec claims to have called the school system to alert them about a hole in its system. The hacking group says they took matters into their own hands after that warning was ignored, hacking the system last week.
CMCSS has stated publicly that it never received such a call. The district took its Web site offline Monday after it became aware of the breach.
Despite announcing that it was “the new hacking era,” SpexSecurity quickly folded camp after publicizing the CMCSS attack. A post on the group’s Twitter on Tuesday announced “We’re no-longer hackers,” while two of the group’s hackers, Reckz0r and c0mrade publicized their whitehat conversion in two supplemental Pastebin posts.
The collective consisted of two former members of TeaMp0isoN, a hacker group that gained notoriety earlier this year following its hack of the United Nations. The group may have also had a third member, Makaveli, whose name appears next to c0mrade and reckz0r’s on the Pastebin post’s signoff.
It remains to be seen if the group will make any posthumous waves with its subsequent hacks. A Pastebin post by the group this morning claimed to have leaked the passports and VISAs of more than 200 suspected terrorists while the group also tweeted it had accessed information from Vietnam Airlines and was preparing to release it.
‘TriCk,’ a hacker allegedly involved with TeamP0ison was arrested earlier this year after launching a denial of service attack against a British anti-terrorism hotline while two other members of the group, ‘MLT’ and ‘Phantom,’ were apprehended in May. Over the last year, TeamP0ison took credit for spilling the information of more than 1,000 UN staff, along with leaking the account information of dozens of T-Mobile employees.