A software firm that provides security products to protect computers from virus and malware attacks has been hacked, making sensitive information available to the public.
Technology security firm Kaspersky Lab’s website was infiltrated by a hacker who posted screenshots proving he used a technique used SQL injection to access the site’s database. The hacker says he found “EVERYTHING: users, activation codes, lists of bugs, admins, shop, etc”.
The hacker also said the personal details of customers were left exposed, and clarified “staff will never save or keep any confidential data, we just point our fingers to big websites with security problems”.
Kaspersky clarified that the “vulnerability wasn’t critical and no data was compromised from the site”.
“A vulnerability was detected on a subsection of the usa.kaspersky.com domain when a hacker attempted an attack on the site.
“The site was only vulnerable for a very brief period, and upon detection of the vulnerability we immediately took action to roll back the subsection of the site and the vulnerability was eliminated within 30 minutes of detection.”
ABOUT THE AUTHOR
COMMENTS
SmartCompany is committed to hosting lively discussions. Help us keep the conversation useful, interesting and welcoming. We aim to publish comments quickly in the interest of promoting robust conversation, but we’re a small team and we deploy filters to protect against legal risk. Occasionally your comment may be held up while it is being reviewed, but we’re working as fast as we can to keep the conversation rolling.
The SmartCompany comment section is members-only content. Please subscribe to leave a comment.
The SmartCompany comment section is members-only content. Please login to leave a comment.