By John Leyden
21st January 2008
A lack of security controls allowed hackers to "wipe" the Recording
Industry Association of America's (RIAA) website on Sunday.
The existence of an SQL injection attack on the RIAA's site came to
light via social network news site Reddit. Soon after hackers were
making merry, turning the site into a blank slate, among other things.
The RIAA has restored RIAA.org, although whether it's any more secure
than before remains open to question, TorrentFreak reports.
The RIAA's high-profile lawsuits against file sharers have made it a
prime target for hack attacks, so its apparent failure to apply
rudimentary security controls looks especially dumb even though, as with
most such attacks, little damage was actually caused.
In other hacking news, the Church of Scientology's website reportedly
came under attack last week, leaving it unavailable for parts of the
The attack was reportedly an act of hacktivism prompted by the
organisation's attempts to pull a promotional video featuring
Scientologist Tom Cruise from YouTube. YouTube pulled the clip, but the
material has since resurfaced on Gawker.com.
Subscribe to InfoSec News