When you make the laws and rules that govern data security and safety online, you expect that the rule makers will follow them. That isn't always the case though. Hackers are always trying to find their way though the security around websites in the private and government sectors for all sorts of nefarious uses. Apparently, one hacker has succeeded in getting around the security on some government websites and is selling the access to the highest bidder.
According to Imperva it found an auction online from a hacker that claims to be selling access to the US Army CECOM website for under $500. The same hacker also offers access to other civilian, government and military websites for prices running from $33 to $499. The use for the access is apparently to steal user data stored on the servers.
A thousand records will cost the buyer $20 each for some sites. The data can then be used to break into other accounts. Indications are that information on 300,000 people has been stolen from the sites. The exact method used to hack the sites is unknown, but Imperva suspects the hacker used SQL injection.