Angry members of LulzSec, part of hacktivist group Anonymous, hacked into a software security site that they believed helped authorities in the investigation that led to the arrest of six suspected leaders of Anonymous Tuesday.
The hackers posted what they said were the usernames and passwords of more than 100 employees of Panda Security, a Spanish-based company. They also left messages on the site, saying that Panda had helped authorities in their hunt for Anonymous members.
Panda Security acknowledged the breach on its Facebook page, but said the hack was to a Panda Security Web server "hosted outside of the Panda Security internal network," and that the usernames and passwords were for employees who "have not been working at Panda for over five years."
"The attack did not breach Panda Security’s internal network and neither source code, update servers nor customer data was accessed," the company said.
Graham Cluley, senior technology consultant at Sophos, said that the attack appeared to be motivated by comments made by a Panda employee who had praised the arrests in a blog post.
"The hackers appeared to single out yesterday's blog post (currently offline) by Luis Corrons, technical director at PandaLabs, who asked 'Where is the lulz (laughs) now?' which welcomed the action against (Anonymous leader) Sabu and other alleged LulzSec hacktivists," wrote Cluley on Sophos' Naked Security blog.
"Many will feel sympathy with Panda Security today - all they did was comment on the news reports surrounding Sabu and LulzSec," wrote Cluley. "They didn't deserve to be hacked like this. Thank goodness it wasn't that serious, and the company will be not be damaged long term by this incident."
Panda Security wrote on its Facebook page: "We continue investigating the cause of the intrusion and will provide more details as soon as they become available. Meanwhile we assure all our customers and partners that none of their information has been compromised and that our products and services continue functioning as normal."
As for Corrons, after the attack, he tweeted what may be the more disturbing message about LulzSec's action: "Lads defending freedom of speech until they don't like what you say."
Check out Technolog, Gadgetbox, Digital Life and In-Game on Facebook, and on Twitter, follow Suzanne Choney.
