Double Trouble for RockYou: Class Action Lawsuit Follows SQL Injection Attack
Over the past few months, there has been major growth in the number of successful SQL injection attacks against well-known web sites such as Apple and Intel.
Yesterday, January 5, 2010, following last month’s security breach at the application development firm RockYou, a class action lawsuit was brought against the company by one of the service’s subscribers. The application provider is best known for its Slideshow and Superwall apps for MySpace and Facebook.
The lawsuit, filed in federal district court, accuses the company of “failing to use hashing, salting or any other common and reasonable method of data protection and therefore drastically exacerbated the consequences of a hacker bypassing its outer layer of web security.”
The lawsuit claims a hacker known as “igigi” exploited an SQL injection flaw and made off with e-mails and passwords of approximately 32 million registered RockYou users. RockYou admitted to both the breach and the security flaw last month.
Being protected from SQL injection is now as serious an issue as it can get.
Being hacked using SQL injection apparently can lead to a class action lawsuit.
GreenSQL provides free, easy to use and reliable SQL injection protection.
About a week ago I wrote the “Database security, Database Firewall? Why should I use GreenSQL?” This class action lawsuit enhances the reasons I gave and then some.
Be secured, be protected, from SQL Injection and, even more importantly, from class action lawsuits.
