- Back to Home »
- Miley Cyrus, Taylor Swift and Britney Spears websites hacked by Ethical Spectrum
Posted by : Sarsti Saini Wednesday, 12 March 2014
The latest tweet from the hacker shows he compromised the database containing username and password details belong to these websites "The database of #MileyCyrus, #SelenaGomez......etc with 2,5 million users and pass is for sell, anyone interested email me at my mail"
The hacker told E Hacking News that he found multiple vulnerabilities in the Groundctrl website and gained access to the database server.
He also gained access to the CMS panel which manages the celebrities' websites.
GroundCtrl CMS Panel
A hacker going by online handle "Ethical Spectrum" has hacked into websites belong to several celebrities and defaced the sites.
The affected websites include Miley Cyrus official site(mileycyrus.com), Selena Gomez(selenagomez.com), Taylor Swift site(taylorswift.com), Britney Spears site(britneyspears.com).
We are able to confirm that these are official websites of the celebrities, as it is being linked from their twitter account.
According to hackers twitter account(@Eth_Spectrum), he hacked into the above mentioned websites on March 8th. The website was restored after the breach. However, hacker mentioned he once again managed to deface them. ]
Other websites attacked by the hacker are Ground Ctrl(groundctrl.com), mypinkfriday.com, Chelsea Handler site (chelseahandler.com), Aaron Lewis(aaronlewismusic.com/), therealcocojones.com, christinagrimmieofficial.com, Kacey Musgraves(kaceymusgraves.com).
The defacement just reads "Why i hacked this site, you can ask this person firstname.lastname@example.org".
Greg Patterson is the co-founder of the Groundctrl, an organization that build websites for artists. It appears the security breach started from Groundctrl.
Other affected sites:
Rock Mafia(rockmafia.com ),
If you are not able to see the defacement, you can find the mirror here:
All of the affected websites are currently showing the maintenance error message except groundctrl official website.
Hacker didn't provide much information about the breach, so we are not sure how exactly he hacked into all of these websites, whether he found a zero-day exploit on the cms developed by groundctrl or all of the affected sites managed in a central place.