Sat, 19 March 2016, 18:00 UTC — Sat, 26 March 2016, 18:00 UTC 


LASACTF event.

Format: Jeopardy Jeopardy

Official URL:

Future weight: 0.00 

Rating weight: 0.00 

This event participation is restricted to high-school teams only! No global rating points.

This event lasts more than 5 days! No global rating points.

Event organizers 

Intro-level Capture the Flag competition targeted at high school students. Organized and run by students at LASA High School in Austin, TX. The competition will take place between March 19 and March 26.


There will be prizes! Information about them will be released soon.

5t0rm5had0wMarch 23, 2016, 4:41 a.m.

Is site down???

guruMarch 23, 2016, 5:42 a.m.

@shan seems to be.

guruMarch 23, 2016, 5:56 a.m.

Dear LASACTF Competitors,

We must regretfully inform you of a security breach that has occured on our website. A brief explanation is below, and we plan to send more details in a follow-up email. If you use your password on other websites, we recommend that you change the password on each relevant account.

At approximately 2 PM CDT Tuesday, March 22nd, a dump (text file) containing critical LASACTF data was posted to the competition chat. This was a snapshot of the entirety of the LASACTF database, which included usernames, emails, first and last names, city/state location information, and hashed and salted passwords. Please note that the hashed and salted passwords do NOT contain plaintext password information - we used the bcrypt algorithm to hash and salt each password. This means that a malicious attacker would not immediately have access to a password, but could possibly determine the password through a time-consuming brute-force attack.

We are currently investigating the nature of the attack. At this point, we do not know whether we will be postponing or even cancelling the competition. We will keep you updated as we uncover more information and make decisions.

Again, we recommend that you change your login password on other web accounts if they share the same password you used to register with LASACTF. This is a precautionary measure to ensure that no attacker would be able to determine your password using the dumped information.

We would like to apologize for this security breach. We will keep you updated on any new developments.


Sign in to comment.