Anonymous Hacks myBART.gov, Database Exposed

What started as a group of people wanting to protest has become an all out war over censorship. After earlier threats were made by Anonymous, it appears as though Anonymous did make good on their threat to target BART.

Note: This is an article I wrote that was published elsewhere first. It has been republished here for archival purposes

We’ve been following the story about BART and censorship. It was sparked by the death of a knife-wielding at the hands of police by gun fire. Upset at the events that transpired, some people wanted to protest at the San Francisco subway station. When BART caught wind of the potential protest, they cut all cellphone services in an effort to avert the protest.

The news spread like wildfire and caused outrage amongst several including the ACLU and the EFF. In the midst of a fierce debate over things like censorship and personal safety, Anonymous, a hacking collective, threatened to “remove” BART from the internet in retaliation against what many have called censorship. While they threatened to remove the website for 6 hours, it appears that the myBART.gov database was compromised.

The database was dumped on to a webpage for all to view. The database dump came with this statement:

We are Anonymous, we are your citizens, we are the people, WE DO NOT TOLERATE OPPRESSION FROM ANY GOVERNMENT AGENCY. BART has proved multiple times that they have no problem exploiting and abusing the people. First they displayed this by the two recent killings by BART police. Under no circumstance, unless police are shot at, make police killings acceptable. Non-lethal weapons were available to use during both incidents, providing even that was necessary, but instead they shot to kill. Next they violated the people’s right to assembly and prevented other bystanders from using emergency services by blocking cell phone signals in order to stop a protest against the BART police murders. Lastly, they set up this website called mybart.gov and they stored their members information with virtually no security. The data was stored and easily obtainable via basic sqli. Any 8 year old with a internet connection could have done what we did to find it. On top of that none of the info, including the passwords, was encrypted. It is obvious BART does no give a fuck about its customers, funders and tax payers,THE PEOPLE.

The governments and government agencies of the world are becoming tyrannical and oppressive,
and the people are responding and will not take your shit for much longer. The people will fight this oppression with protests, demonstrations, riots, hacking, ddos, online attacks and by any other means. We will not allow ourselves to be killed, exploited, or get shitted on. From the streets of Chile, England, Portland, San Francisco, Oakland, the people are rising up and we will support each other and stand in solidarity against any injustice. Worldwide resistance is happening, we will participate in solidarity against oppression. SOLIDARITY IS OUR WEAPON.

Thus below we are releasing the User Info Database of MyBart.gov, to show that BART doesn’t give a shit about it’s customers and riders and to show that the people will not allow you to kill us and censor us. This is but the one of many actions to come. We apologize to any citizen that has his information published, but you should go to BART and ask them why your information wasn’t secure with them. Also do not worry, probably the only information that will be abused from this database is that of BART employees.

I think it’s fair to say that this controversy isn’t going to go away any time soon at this stage.

Drew Wilson on Twitter: @icecube85 and Google+.

Leave a Reply

Your email address will not be published. Required fields are marked *