SF Bay Area Indymedia indymedia
About Contact Subscribe Calendar Publish Print Donate

East Bay | Police State and Prisons

#opBART Releases Unsecured User Info Database of MyBart.gov
by anon
Sunday Aug 14th, 2011 1:38 PM
Full database ending with ID=19818 at http://www.djmash.at/release/users.html
   :::   :::     ::::::::  :::::::::       :::::::::      :::     ::::::::: :::::::::::          :::      :::::::: ::::::::::: ::::::::::: ::::::::  ::::    ::: 
   :+:   :+:    :+:    :+: :+:    :+:      :+:    :+:   :+: :+:   :+:    :+:    :+:            :+: :+:   :+:    :+:    :+:         :+:    :+:    :+: :+:+:   :+: 
+:+:+:+:+:+:+:+ +:+    +:+ +:+    +:+      +:+    +:+  +:+   +:+  +:+    +:+    +:+           +:+   +:+  +:+           +:+         +:+    +:+    +:+ :+:+:+  +:+ 
   +#+   +:+    +#+    +:+ +#++:++#+       +#++:++#+  +#++:++#++: +#++:++#:     +#+          +#++:++#++: +#+           +#+         +#+    +#+    +:+ +#+ +:+ +#+ 
+#+#+#+#+#+#+#+ +#+    +#+ +#+             +#+    +#+ +#+     +#+ +#+    +#+    +#+          +#+     +#+ +#+           +#+         +#+    +#+    +#+ +#+  +#+#+# 
   #+#   #+#    #+#    #+# #+#             #+#    #+# #+#     #+# #+#    #+#    #+#          #+#     #+# #+#    #+#    #+#         #+#    #+#    #+# #+#   #+#+# 
   ###   ###     ########  ###             #########  ###     ### ###    ###    ###          ###     ###  ########     ###     ########### ########  ###    #### 

"Sooner or later the people in this country gotta realize the government 
does not give a fuck about them. The government doesn't care about you, or your children, 
or your rights, or your welfare, or your safety, it simply doesn't give a fuck about you. 
It's interested in its own power, that's the only thing, keeping it and expanding it wherever possible."

/////////////////////////////////////////////////////////////////////////////////////////////////////
### #OpBart #Bart-Action #FREETOPIARY #FREEMERCEDES #FREEBRADLEYMANNING #Justice for Oscar Grant  ###
 ### No Justice, No Bart ### UA In The Bay ### Bay Of Rage ### Anti-sec #Justice for Charles Hill ### 
////////////////////////////////////////////////////////////////////////////////////////////////////

/////////////////////////////////////////////////////////////////////////////////////////////////////
###              Your Website has been hacked and database has been leaked by:                    ###
###              #t0nicwater #Bl4ckAbby #NaDa #Tanko #Anonymous #hackers                          ###
////////////////////////////////////////////////////////////////////////////////////////////////////


Dear Bay Area Rapid Transit, The People and All Government Agencies, 

We are Anonymous, we are your citizens, we are the people, WE DO NOT TOLERATE OPPRESSION FROM ANY GOVERNMENT AGENCY. 
BART has proved multiple times that they have no problem exploiting and abusing the people. 
First they displayed this by the two recent killings by BART police. Under no circumstance, unless police are shot at, 
make police killings acceptable. Non-lethal weapons were available to use during both incidents,
providing even that was necessary, but instead they shot to kill. Next they violated the people's right to assembly and prevented
other bystanders from using emergency services by blocking cell phone signals in order to stop a protest against the BART police murders. 
Lastly, they set up this website called mybart.gov and they stored their members information with virtually no security. 
The data was stored and easily obtainable via basic sqli. Any 8 year old with a internet connection 
could have done what we did to find it. On top of that none of the info, including the passwords,
was encrypted. It is obvious BART does no give a fuck about its customers, funders and tax payers,THE PEOPLE.

The governments and government agencies of the world are becoming tyrannical and oppressive,
and the people are responding and will not take your shit for much longer. The people will fight 
this oppression with protests, demonstrations, riots, hacking, ddos, online attacks and by any other means.
We will not allow ourselves to be killed, exploited, or get shitted on. From the streets of Chile,
England, Portland, San Francisco, Oakland, the people are rising up and we will support each other and
stand in solidarity against any injustice. Worldwide resistance is happening,
we will participate in solidarity against oppression. SOLIDARITY IS OUR WEAPON. 

Thus below we are releasing the User Info Database of MyBart.gov, to show that BART doesn't give a shit about
it's customers and riders and to show that the people will not allow you to kill us and censor us. This is
but the one of many actions to come. We apologize to any citizen that has his information published, but
you should go to BART and ask them why your information wasn't secure with them. Also do not worry,
probably the only information that will be abused from this database is that of BART employees. 

Greetz to TeaMp0ison, lulzsec, anti-sec, anarchists, anon, bay of rage, No Justice, No BART, UA in the bay,
your anon news, anonymous irc.

World Wide Solidarity, "join us to make 2011 the year of leaks and revolutions."
id FirstName LastName email Phone Address1 City State ZipCode association URL user pwd UID utype_id bid
[User info removed by Indybay editor]

Full database ending with ID=19818 at http://www.djmash.at/release/users.html
§MyBART.org defaced
by anon Sunday Aug 14th, 2011 2:34 PM

MyBART.org defaced

60 page BART pdf related to Oscar Grant civil suits

Comments  (Hide Comments)

pixplz Justin Beck
.@SFBART interim general manager Sherwood Wakeman's leaked password and many others still work on mybart.org #BART #OpBART
23 minutes ago
marymad mary mad
@
@pixplz head of PR linton johnson's info is on the list. think he suggested the cell shutdown. hope someone notified users. #opBART
32 minutes ago Favorite Retweet Reply
anonadamh Anonymous
On the road, stopped @ Starbuck-- To the haters, it doesn't matter if they catch me, we are legion, you are small minded #antisec #OpBart
34 minutes ago Favorite Retweet Reply
BART Calls In Feds After Hack Exposes User Info, Another Cell Block Possible For Protest Monday

3:03 PM: A marketing website for BART, MyBart.org, was hacked today and data for hundreds of users was stolen and posted to the Internet. The stolen data included names, addresses, phone numbers and passwords.

"We are working to mitigate the attack," BART spokesman Jim Allison said. "We're also working to notify the people whose information has been breached."

The hacker protest group "Anonymous" took credit for the attack, and posted links to the stolen user data on its Twitter account. It also posted contact information for BART employees on its website and encouraged its members to flood them with emails and phone calls.

Allison said that BART is working with federal officials to respond to the attacks and to prevent any future security breaches. He said that any MyBART.org users that have had their information stolen should not open any unsolicited emails and immediately change any passwords that my have been shared with their MyBART.org account.

The MyBART.org website was hacked using the logo of Anonymous and to add a link to its Twitter account. The site is normally used for marketing, announcing and deals near BART stations, and sends subscribers regular emails.

As of 2:30 p.m., BART's main website, bart.gov was still accessible. Allison said that if BART's website did go down, travelers are recommended to use 511.org for transit information.

Allison also noted that BART's website infrastructure is not at all connected to the computer systems that run the trains themselves, and that the web attacks would not result in any service delays.

Another website not associated with BART, Californiaavoid.org was also hacked with the logo of Anonymous and to add fake news stories containing racial slurs. California AVOID is a state-sponsored partnership of law enforcement organizations to prevent drunk driving.

Anonymous announced its intention to hack BART websites in a posting on its website. The hacker group said that it is already engaged in a phone, email and fax campaign to disrupt BART's operations, and that there will be a live protest in the Civic Center BART station Monday at 5 p.m.

The hacking attacks and protest are in response to BART's interruption of wireless cell phone service in several downtown San Francisco BART stations to prevent a disruptive protest on Thursday.

Last week BART announced on its website that it was anticipating demonstrations on the BART platforms in August. Commuters were "advised that protesters may attempt to disrupt train service during August commute periods beginning as early as Thursday, August 11, 2011, in downtown San Francisco BART stations."

On July 11, protesters prevented trains from leaving the Civic Center BART station in response to the July 3 BART police shooting of Charles Hill in the same station. Protesters blocked the train doors and one even climbed on top of a train.

The Civic Center, Powell Street and 16th Street BART stations were all temporarily closed due to the protest. As a precautionary measure on Thursday, BART temporarily suspended wireless cell phone service in several downtown San Francisco BART stations.

"They were clear in stating they could use mobile devices to organize," Allison said. He said protesters intended to use cell phones to communicate about the number and location of BART police.

While the protest never materialized, Allison said he did not know if that was an effect of disrupting cell phone service in the stations.

The move has been widely criticized and reported worldwide, provoking further protest announcements and statements of disapproval from Bay Area public officials. Mayoral candidate Phil Ting released a statement Saturday that said the move violated fundamental principles of democracy. "The decision was made at the very highest staff level of the agency," Ting's statement said. "Censorship is not, and must not become, a public safety tool."

State Sen. Leland Yee also released a statement blasting BART officials for their decision. "I am shocked that BART thinks they can use authoritarian control tactics," he said. "BART's decision was not only a gross violation of free speech rights; it was irresponsible and compromised public safety."

The planned actions against BART have been widely discussed on Twitter using the hashtags #OPBart and #MuBARTek, a reference to deposed Egyptian President Hosni Mubarek, who reportedly disrupted Internet and wireless communications to stifle growing protests in Egypt. As of 11 a.m. today, over 100 people said they would be attending Monday's protest on a Facebook announcement.

Allison said no decision has been reached on whether BART will further disrupt cell phone services for Monday's demonstrations. "The top priority for us is the safety of our passengers. We'll be taking steps to try to make sure our customers get home safely," he said, but did not specify what those steps may be.

He said that BART allows for protests in the station, but outside the fare gates. "We firmly believe in free speech, that's why we have an expressive activities program that allows for activities outside the fare gates, where it's safe," Allison said.

In an announcement for Monday's protest it was not clear whether demonstrators intended to gather on the platform or outside the fare gates.

Organizers from Anonymous said the protest would be peaceful.

by BART news
Monday Aug 15th, 2011 12:00 PM
08.14.2011
Customer information about a mybart.org data breach

Today myBART.org account information was compromised in connection with an illegal and unauthorized intrusion into the myBART system. In response to this intrusion, we have temporarily shut down the myBART.org website, and have notified law enforcement authorities.

Although we are still investigating the details of this incident, we know that an unauthorized person has obtained contact information from at least 2,400 of our 55,000 members. In most cases, the information consists of names, email addresses, and passwords. In some cases, the database also listed an address and phone number. No financial information is stored in the myBART database.

For your security, we encourage you to be especially aware of email, telephone and postal mail scams that ask for personal or sensitive information. Also, if you use your myBART user name or password for other unrelated services or accounts, we strongly recommend that you change them.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports. We are providing the following information for those who wish to consider it: – U.S. residents are entitled under U.S. law to one free credit report annually from each of the three major credit bureaus. To order your free credit report, visit http://www.annualcreditreport.com or call toll-free (877) 322-8228.

We have also provided names and contact information for the three major U.S. credit bureaus below. At no charge, U.S. residents can have these credit bureaus place a “fraud alert” on your file that alerts creditors to take additional steps to verify your identity prior to granting credit in your name. This service can make it more difficult for someone to get credit in your name. Note, however, that because it tells creditors to follow certain procedures to protect you, it also may delay your ability to obtain credit while the agency verifies your identity. Should you wish to place a fraud alert, or should you have any questions regarding your credit report, please contact the agencies listed below:

Experian: 888-397-3742; http://www.experian.com;
P.O. Box 9532, Allen, TX 75013

Equifax: 800-525-6285; http://www.equifax.com;
P.O. Box 740241, Atlanta, GA 30374-0241

TransUnion: 800-680-7289; http://www.transunion.com;
Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790

You may wish to visit the website of the U.S. Federal Trade Commission at http://www.consumer.gov/idtheft or reach the FTC at 1-877-382-4357 or 600 Pennsylvania Avenue, NW, Washington, DC 20580 for further information about how to protect yourself from identity theft. Your state Attorney General may also have advice on preventing identity theft, and you should report instances of known or suspected identity theft to law enforcement, your State Attorney General, and the FTC.

We are sorry this intrusion into the myBART data occurred and we notified those affected right away in case anyone tries to exploit the information. We will provide an update as soon as we have additional information.