LulzSec warns NHS about compromised passwords

As a reaction to the “bucket list” of a girl battling Hodgkin’s lymphoma going viral on the Internet and her call to people to donate bone marrow, LulzSec has apparently joined her quest by spreading the word about her blog, the initiative and notifying the UK’s National Health Service of a security issue with one of its databases:

The email was apparently sent to the NHS and has ben posted by LulzSec and linked to it through their Twitter account. The passwords were obscured on purpose.

According to the BBC, the NHS has reacted by saying that no patient information has been compromised. “This is a local issue affecting a very small number of website administrators,” it said. “No national NHS information systems have been affected.”

The hackers seem to agree. “Subdomain NHS access compromised 5 core admins and contact info of several affiliates. Luckily they stored nothing of importance on that DB,” commented LulzSec on Twitter.

The group has been behind a number of breaches lately, but this is the second time that they haven’t misused the information they managed to gather. Nintendo has also been the lucky recipient of a warning about the state of (in)security some of their assets.