By I-Hsien Sherwood | i.sherwood@latinospost.com (staff@latinospost.com) | First Posted: Feb 06, 2013 11:26 AM EST
Tags Anonymous, Hacktivism, Federal Reserve

The hacktivist group Anonymous has struck again, breaking into websites of the Federal Reserve and posting sensitive information about over 4,000 bank executives.

"A spreadsheet has been published on a .gov website allegedly containing login information and credentials, IP addresses, and contact information of American bank executives," writes ZDNet.

"The spreadsheet document contains usernames, names of individuals and their titles at banks across the U.S., hashed passwords (not passwords in plain text). It was placed on a .gov website and on Pastebin, and publicized via various Anonymous accounts on Twitter and Facebook."

Anonymous claimed responsibility for the breach, tweeting. "Now we have your attention America: Anonymous's Superbowl Commercial 4k banker d0x via the FED https://acjic.alabama.gov/documents/oops-we-did-it-again.html ... #opLastResort #Anonymous"

Operation Last Resort is Anonymous' series of hacks and denial of service attacks in retaliation for what they call overzealous prosecution by the Department of Justice in the Aaron Swartz case.

Swartz allegedly posted unauthorized information he downloaded from the MIT JSTOR network online as an anti-copyright protest. Federal prosecutors took a hard line and Swartz faced 30 years in prison before he hung himself last month.

Two days after the Anonymous hack, the Federal Reserve confirmed the breach.

"The Federal Reserve system is aware that information was obtained by exploiting a temporary vulnerability in a website vendor product," said a spokesperson.

"Exposure was fixed shortly after discovery and is no longer an issue. This incident did not affect critical operations of the Federal Reserve system."

While the Fed seems to be taking the breach in stride, the bankers whose security was compromised are less calm, as are security experts who work with the industry.

"I've seen that list and it is absolutely rife with account details. Usernames and hashed passwords are included with salts. Anyone worth their weight in the technology field can decrypt a hashed password. The Fed did state that the passwords weren't 'compromised,' but that just means that they weren't listed out in plain-text," said Jon Waldman, an information security consultant, speaking to ZDNet.

"It's my official position that there was a blatant and irresponsible lack of tact and urgency in the response by the Federal Reserve to the individuals and institutions contained in this list.

© 2015 Latinos Post. All rights reserved. Do not reproduce without permission.