A hacker gang claims to have leaked more than a million user accounts from some 100 websites worldwide. The GhostShell gang on Saturday posted online what it claims are accounts and records from various financial services, consulting firms, academia, law enforcement, and the CIA. Researchers say the attackers appear to have employed mostly SQL injection, but also exploited weak passwords and vulnerable content management systems. The attackers used the popular popular SQLmap tool, and some of the hacked databases included more than 30,000 records.”]
Source: https://www.darkreading.com/attacks-breaches/ghostshell-haunts-websites-with-sql-injection