LulzSec Pours Scorn on UK Census Hack Story

Tweeting hacker group Lulz Security has poured scorn on reports that it hacked the UK Office of National Statistics’ massive 2011 census database.

Only hours after a teen accused of being a member of the group was arrested in Essex, the group’s Twitter feed sprang into life once more after a period of silence to deny any involvement.

“Just saw the pastebin of the UK census hack. That wasn’t us – don’t believe fake LulzSec releases unless we put out a tweet first,” read a tweet referring to the open forum where the claim was first publicised.

“Anyone in the world can copy and paste The Lulz Boat ASCII art and general lighthearted theme. Smarten up, check the feed first,” read post soon after.

Some in the security community were sceptical about the story. The UK census – a once per decade questionnaire filled in by every UK household – was conducted only a few weeks ago and would be unlikely to exist as a single hackable entity. A sizable part of the database will only exist in the form of yet-to-be-processed paper forms. Processing this data is known to take years.

It might also have been logical to release a portion of the data from the outset to prove the hack’s existence.

Security analysts have busied themselves speculating about the identity of the group that is becoming as famous for its chatty ‘Captain Jack Sparrow piracy theme’ as its growing list of nuisance DDoS attacks on prominent websites.

One security blog reckons that the group has at least seven active members, being a spin-off from the recently silent Anonymous hacking collective. The favoured form of attack is to exploit one or more software vulnerabilities. None of this is new. Unlike criminals, however, LulzSec draws attention to its actions.