It looks like Anonymous have followed through on their promise of dishing the dirt on the SA government, just as they threatened to do with their video release last week.

Like everything else it’s been given a hashtag, #OpAfrica to be precise, and now they claim to have hacked the website of the South African Department of Water Affairs.

The group have ‘dumped lists of usernames and passwords, some hashed and some stored in plain text’, with more below from MyBroadband:

This includes full names, e-mail addresses, and phone and ID numbers…

…the dump from Water Affairs also includes highly sensitive financial data, and details of projects.

Below is one such set of details, although you’ll want to click on that image to see it in full size.

Looks like they’re not spending their full budget – scandalous.

Another hack revealed a serious lack of creativity from government officials regarding their passwords. The passwords in question came from the Government Communications and Information Systems (GCIS) database, clearly showing that these aren’t the types to think outside the box.

More from another MyBroadband piece:

After running some simple cracks against the remaining 843 passwords (and getting 488 of them), [South African developer Evan] Knowles said he found the following:

• 25.2% of users had passwords that were identical to their first name.
• Out of the 1,116 passwords cracked, there were only 549 unique passwords.
• 9 passwords were only 1 character long.
• 53.1% of passwords failed the basic test of containing at least one number and being 6 characters long.
• In total, 29.8% of passwords contained the word “password”.

The top 10 passwords in the GCIS dump were:

1. password1
2. password01
3. password02
4. password2
5. password123
6. Admin#11
7. Education2015
8. Password123
9. password03
10. Password

I can’t help but feel that uncovering these details won’t do much to fulfil the group’s initial aims, which is about “a disassembly of corporations and governments that enable and perpetuate corruption on the African continent”.

Let’s see who’s funding what parties, let’s see how much money is being channelled offshore, let’s see the real dirt.  The fact that our government officials aren’t adept at coming up with a decent password isn’t going to topple the fat cats up top.

[sources:mybroadband&mybroadband]