Attackers Go Gaga Over Latest Hack

A group of hackers have plundered singer and musician Lady Gaga’s Website and made off with details of thousands of her fans.

The Swagger Security (SwagSec) attackers seem to be starstruck and have recently been concentrating on music sites – this is the fourth such attack in a month. Other targets include Amy Winehouse, Lauren Pritchard and Justin Bieber. The group has also threatened to raid the Klaxons and will continue until they get a mention on a track recorded by rapper Lil B.

“To Lil B: we lovin the new Bill Bellamy [track] (much swag) but where the shouts? All we asking for iz a Lil SwagSec mention on a track (at least respond to our DMS mane). We gonna keep steedy on our grind till we get them shouts and gonna be cookin up more releases n rackin up more felonies in da future,” they wrote in a Pastebin post.

SQL To Other Great Hits

Researchers at Imperva’s Application Defence Centre (ADC) have found a forum post where a hacker claims it was his SQL injection that led to the breach.

“When it comes to hacking, even in the entertainment world, data is king,” said Rob Rachwald, director of security strategy at Imperva, “Although nothing financial may have been taken, it’s a safe bet that Lady Gaga fans are getting fraudulent email messages offering exclusive Lady Gaga videos, pictures and music. But instead, they’re clicking on malware and becoming part of a bot army.”

SwagSec, which claims to be a pro-gay organisation, stole names and email addresses from fans’ accounts on June 27. Universal Music, which manages the site, claims that all the affected people have been notified and say that no financial information or passwords were involved. They added that the site has now been secured.

The hackers claim that Lady Gaga is anti-homosexual but she has voiced support for the lesbian, gay, bisexual and transgender (LGBT) communities. Whether Lil B will comply with their request for recognition is in doubt.

Lady Gaga herself has made no mention of, or offered no apology for, the hack either on the Website or in her Twitter feed. This rankles Graham Cluley, senior technology consultant at Sophos. In his Naked Security blog he said, “Although it’s right that the authorities should be informed regarding SwagSec’s illegal activities, there should surely be some recognition at Gaga HQ that perhaps the website was doing a lousy job at securing its fans’ information?”

Considering it is her fanbase that may be affected and, later, infected, the silence is a disservice to their support, Cluley said.

“The risk to users who had their details compromised, of course, is that they could have been the subject of targeted attacks,” Cluley warned. “Imagine how many of them might have opened an attachment or clicked on a link if they received an email claiming to be about free tickets for a Lady Gaga concert, or a sneak preview of her new video.”

Eric Doyle, ChannelBiz

Eric is a veteran British tech journalist, currently editing ChannelBiz for NetMediaEurope. With expertise in security, the channel, and Britain's startup culture, through his TechBritannia initiative

Recent Posts

Hate Speech Watchdog CCDH To Quit Musk’s X

Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…

3 hours ago

Meta Fined €798m Over Alleged Facebook Marketplace Violations

Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…

5 hours ago

Elon Musk Rebuked By Italian President Over Migration Tweets

Elon Musk continues to provoke the ire of various leaders around the world with his…

6 hours ago

VW, Rivian Launch Joint Venture, As Investment Rises To $5.8 Billion

Volkswagen and Rivian officially launch their joint venture, as German car giant ups investment to…

7 hours ago

AMD Axes 4 Percent Of Staff, Amid AI Chip Focus

Merry Christmas staff. AMD hands marching orders to 1,000 employees in the led up to…

10 hours ago

Tesla Recalls 2,431 Cybertrucks Over Propulsion Issue

Recall number six in 2024 for Tesla Cybertruck, and this time the fault cannot be…

11 hours ago