A hacker has claimed to have breached the US Federal Bureau of Investigation’s website and leaked personal account information to a public site, media reported.
The hacker, known as CyberZeist, exploited a zero-day vulnerability in the highly-secured Plone Content Management System (CMS) of the FBI’s website and leaked some of the information to Pastebin, an open source site that is often used by hackers to post stolen information and bits of code, RT.com reported on Thursday.
A zero-day fault is a vulnerability in the code that has not been detected, listed, or patched yet. Therefore, the FBI had zero days to respond to the attack.
This is not the first time the hacker claimed breaching the FBI site. In 2011, CyberZeist is believed to have hacked the FBI site as a member of a group known as Anonymous.
Authorities in the US have not yet responded to the recent hacking incident that was claimed to have occurred last month.
“fbi.gov CMS Exploited, files in view – PasswordResetTool.py, product permissions, setup file. More coming soon #FBI #PWNED,” the hacker had tweeted on December 22.
“Don’t blame the #hacker, blame the faulty #code!,” CyberZeist had said in another tweet on December 27.
CyberZeist warned other agencies that are currently using the Plone CMS that they too are vulnerable to a similar attack. “Amnesty acknowledges to patch the Plone #vulnerability in their CMS, just in time!,” CyberZeist said in a recent tweet.