On December 6th 2018, the website of the Academia Nacional De La Historia De La Republica Argentina (the National Academy of History of the Argentine Republic) was hacked, and sensitive information tied to clients of the website were leaked online. The hack was claimed as a result of a joint operation conducted by Brasilian Based hacking group “Pryzraky,” including members @Mecz1nho – @Ergo_hacker – @SH4RPSH0OTER – @Purpl3P – @Lil_Sh4wtyy – @zglobal_ – @Penichemito.
According to SHIZEN, hackers were able to exploit an Apache 2, PHP 7.0.30 file server attached to the back end of the website via SQL Injection – though they declined to share the exact payload or specific URL address effected. Among the data exposed, includes the first and last names, telephone numbers, email addresses, physical addresses and identification numbers of various clients belonging to the website.
Website Effected: hxxp://www.anh.org.ar/
Raw Full Leak: https://ghostbin.com/paste/nmw7d