Data dump; Network intrusion

Hacker(s) exposed the WordPress configuration file, apparently including the backend database location and password. This configuration file was then published on an online public bulletein board. Perps exploited a weakness called a directory traversal vulnerability. “That's where you construct a URL that persuades the server to navigate to a part of the web server you aren't supposed to be able to access, and to retrieve content from there. . .Poor handling of filenames “seems to have been what was wrong on the Study in the States website.” Hacktivist group NullCrew announced 1/5/13.