BreachExchange mailing list archives
MLSgear.com site hit by SQL injection attacks; personal data of customers compromised
From: lyger <lyger () attrition org>
Date: Sat, 9 Feb 2008 00:30:02 +0000 (UTC)
http://computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9061858&taxonomyId=17&intsrc=kc_top A series of SQL injection attacks on servers hosted by a third-party service provider has compromised the personal data of an unspecified number of individuals who had shopped on Major League Soccer's MLSgear.com Web site. The compromised information included names, addresses, credit and debit card data, and MLSgear.com passwords, MLS President Mark Abbott said in a letter sent to affected individuals on Feb. 1. MLSgear.com is the soccer league's official online store. The incident was first reported by PogoWasRight.org, a blog that tracks data breaches. The blog site also posted a link to a notice that was sent by MLSgear.com to the office of New Hampshire's attorney general, informing the AG of the breach and saying that it affected 169 New Hampshire residents [...] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- MLSgear.com site hit by SQL injection attacks; personal data of customers compromised lyger (Feb 08)