A group of hackers claims to have breached the official website of the Library of Congress, America’s national library.

The group claiming responsibility, BlitzSec, decried the wildly unpopular US Congress and said it used a SQL injection attack to access the Library of Congress Website’s back end database and expose user names, passwords and email addresses. The group has posted data taken from the Library on the file sharing Web site Pastebin.

According to Softpedia.org, BlitzSec made a name for themselves by publishing exploit proof-of-concepts after compromising popular websites.The exact motive for the attack on the Library is unclear.

In a statement on Pastebin, BlitzSec said he hack was a message to the U.S. Congress, which it singled out for controversial legislation like the National Defense Authorization Act and the Patriot Act, calling members “criminals” and “terrorists.”

Congress has often been the target of attacks and Web site defacements, as well as inadvertent data leaks. Congressmen and women, as well as staff, also receive a flood of malicious mail, according to reports. Despite that, numerous audits by the Government Accountability Office and others have found efforts to secure critical government IT infrastructure to be lacking in recent years.  

Categories: Government, Hacks

Comments (7)

  1. Anonymous

    Really the test account password is testing? Who the hell manages this crap and lets people use five character passwords ahhhhhhhhhh. And people say I do not have the experience to get a security job, the CISO should be removed and replaced for allowing either policy to be lacking or employees not following those policies. I understand things get missed, but it’s a .gov page with stupid passwords and a SQL exploit. Are the government security guys this ignorant or are they spread so thin that they can’t manage all the infrastructure? 


  2. Anonymous

    “testing” has 7 characters, not 5…and yet you rant over and over about the ignorance of others.  LOL

  3. Anonymous

    I know testing is seven but others had five. Why would you allow simple passwords like that anyway? 

Comments are closed.