Last weekend an account of a high level CService admin got compromised which caused some havoc on this top 5 IRC network. CService is Undernet’s channel service and is responsible for the channel service bot on the network, X.
For the account to be compromised the malicious person used social engineering and got the ISP of the admin in question to trust him and supply him with the password of the email account of the admin.
Once compromised, he used the high level access to cause some havoc in a few channels. His actions were noticed quickly however. An CService admin said to IRC-Junkie that all of CService’s actions are extensively logged and thus all actions were being rolled back to their original state leaving no permanent changes.
This event is a prime example where it shows that the human is still the weakest link in (online-) security.