[trotsky]

I agree with you, it's not that I'm trying to say the whole thing is a work of fiction, just that things are often (partially) misrepresented. I believe the breadth of the claimed in house and unused code is unusual, but certainly not impossible. There seems to be a lot of people that attempt to sell/broker other peoples code that they aren't in possession of (since IP protections in these cases are non-existent)

Regardless, it seems anon got a SQL dump, root on a web server and a ticket box, and a google apps admin account - these aren't the types of places marketable vulnerabilities are usually kept.

[btilly]

Anon got more than that. Anon got passwords that got reused. I would be shocked if they did not poke around the network more to see where those passwords would go, and (given that passwords were reused where they shouldn't have been) I would not be surprised if there were not some more interesting places that they got into.