The online hactivist group “Anonymous” gained access to yet another government security contractor’s server and released approximately 400 megabytes of sensitive, internal documents.
The servers at ManTech International, a company that provides cybersecurity services to the U.S. government, were breached by the group on Friday and announced on the group’s Twitter account.
“ManTech has been owned,” Anonymous tweeted. “Release within 24h.”
Included in that batch of stolen information are mail spools, usernames, passwords, social security numbers, home addresses and phone numbers of over 7,000 officers, a list of hundreds of police informers and internal police academy training files, among others.
“We are providing these ManTech documents so the public can see for themselves how their tax money is being spent,” wrote the group in their release. “But don’t you worry, the U.S. is a rich country and can afford to waste money, right?”
“Dear government and law enforcement, we are repeating this message as we have the suspicion you still do not take us seriously: We are not scared anymore and your threats to arrest us are meaningless,” they added. “We will continue to demonstrate how you fail at about every aspect of cybersecurity while burning hundreds of millions of dollars that you do not even have.”
ManTech addressed the attack on its website and assured its customers that it continues to deal with the intrustion.
“Given current publicity, we wish to assure our customers, employees, shareholders and business partners that ManTech takes seriously recent reports of a cyber threat, and we responsibly and actively address all sources of information about threats to our information and assets and those of our customers,” the company stated.
Last month, Anonymous hacked into the systems at Booz Allen Hamilton and claimed they deleted four gigabytes of the firm’s source code and took 90,000 military email addresses, encrypted passwords and data related to other companies and government networks. Anonymous and Lulz Security, another prominent hacktivist group, have said the campaign of attacks they are calling “AntiSec” is to humiliate businesses and agencies that fail to protect consumer and employee data, Andy Greenberg wrote on Forbes’ Firewall blog.