News

Hackers break in to BitDefender's customer database

Yet another major security vendor has had a customer database accessed by hackers.

Hackers have accessed customer details from a Portuguese partner site associated with BitDefender.

Last weekend, a hacker broke into Kaspersky Lab's US support website. A programming flaw left the site open to SQL injection attacks.

As a result, the hackers could have potentially accessed around 2,500 customer e-mail addresses and thousands of product activation codes.

Details of the BitDefender attack were posted on the hackersblog.org website, which reports website security gaffes.

And with the dust barely settling in the wake of the Kaspersky and BitDefender hacks, Hackersblog.org now says it has also discovered SQL injection and cross-site scripting vulnerabilities in security firm F-Secure's site.

The BitDefender hackers used SQL injection to access personal customer details and email addresses.

SQL injection involves inserting commands into web-based forms or URLs to try and steal data held in back-end databases.

BitDefender said it shut the affected site after the vulnerability was found. It says no customer financial data was exposed.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy