By Nathan MaybergCHESTER — What does the town of Chester have in common with the Pakistan Ministry of Commerce and the Ukranian government? Their websites were all allegedly hacked by someone claiming to be associated with the international hacking group Anynomous.
Last week, a hacker with the Twitter tag @anonymousglobo posted links to what is allegedly the user names and passwords to the database of the town of Chester government website, as well as websites for the Pakistan and Ukraine government.
Town of Chester Supervisor Alex Jamieson said he and the town's information systems technician (IT), who is based in Poughkeepsie, were notified of the breach on Thursday.
"I've gotten an email from a gentleman saying we were hacked," Jamieson said.
Jamieson said he contacted the Poughkeepsie-based IT group, which confirmed that the town website's user name and password posted on Twitter by the alleged hacker was correct, and that the wesbite was indeed hacked. The website's information systems technician, Stephanie Wyant of Dash Inc., changed the password to the website.
"She said we should be O.K.," Jamieson said.
Jamieson said the hacker did not gain access to any sensitive information, such as credit cards, Social Security numbers or other personal information belonging to town residents for paying their tax bills. Jamieson said that information is kept on a separate server, which is secure.
"It's not like they hacked into anything secretive," he said.
He and the IT consultants looked at the website and didn't see anything that looked different. "Nothing out of the ordinary," he said.
Jamieson shared a copy of the email from Wyant to him regarding the issue, in which she stated this week that "some hacker got our database password....it doesn't look like anything has changed."
The web address to the town of Chester web address posted on the hacker's link from Twitter led to a message that read "error establishing database connection."
Wyant said she took down the website on Thursday in order to change the password and update security. She expected to have the site back up by Friday afternoon. Some added security measures may be taken.
Wyant said she believed the hacker posted the user name and password online but didn't do any damage to the actual website.
Wyant stressed that the website didn't contain any email addresses or other personal information of town employees — although the town's old website, http://www.thetownofchester.org, which is still up and operated by the town of New Windsor, does contain such information. Wyant's company created the new website for the town this past June. She said it was created to be more user-friendly.
Wyant said she couldn't tell how the website was hacked into or where the hacker originated.
"How did Target get hacked? It's the same thing," she said.
Other posts on the "Anonymousglobo" Twitter feed included messages about Israeli websites being down and the World Wildlife Federation being hacked.
Prior posts in the preceding days from the supposed hacker show posts of police running from protestors in Pakistan where there has been political unrest, and the posting of the words "you violate our rights, we tear down your databases."
A post on Sept. 4 threatens to leak 90,000 credit cards and bank accounts from the Pakistani government. Previously, the group claimed to have released sensitive bank information and credit card numbers taken from the Pakistanis.
There have been a number of high-profile hacks over the past year involving the theft of millions of credit card user's information from corporations like Target, Home Depot and J.P. Morgan Chase Bank. Those have not been linked to the Anonymous group.
The Twitter user Anonymousglobo boasts more than 12,000 followers, but only follows 35 people.
The Anonymous hacking group has been associated with high-profile hacks into government websites worldwide, credit card companies, Paypal, Sony, Playstation and the Church of Scientology.
"I'm kind of stunned why somebody would hack into a public website," Jamieson said.
Town of Chester Police Chief Daniel Doellinger said the posting of the town website’s username and password information for the database is not being investigated. Doellinger said there is no evidence that the website was hacked, although he confirmed that the username and password posted by the hacker was correct.
"There shouldn't be any problems in the future," Wyant said.