Hacktivist group NullCrew recently announced a succesful intrusion (though intrusionette might be a better word) against a website in the DHS.GOV domain hierarchy. The intrusionetted site was studyinthestates.dhs.gov, intended to help foreigners find out if and how they might be able to study at US schools, colleges and universities. It looks as though the site was vulnerable to whats known as a directory traversal vulnerability. The fault seems to have been patched now, but this hole was used to fetch the WordPress configuration file, apparently including the database location and password.”]
Source: https://nakedsecurity.sophos.com/2013/01/07/dhs-website-falls-victim-to-hacktivist-intrusion/