Kaspersky Customer Database Exposed
secmartin writes "A hacker has managed to gain access to several databases via a SQL injection vulnerability on Kaspersky's US website. He has posted several screenshots and a list of available tables; judging from the table names, the information available includes data on bugs and on user and reseller accounts. The hacker has indicated that no confidential information will be posted on the Internet, but since a large part of the URLs used was visible in screenshots, it will only be a matter of time before somebody else manages to duplicate this."
Who cares if some forums are hacked?
For that matter, even if they get a customer's account data, the damage is limited if good credit-monitoring is in place.
I'd be more worried about the update servers being hacked and millions of us downloading bogus updates.
Really?
Since switching several companies from other products to Kaspersky...
No viruses have crept through the systems - none.
We had one brief period of downtime on one customer related to a bad configuration of the admin server (my fault, still I guess it could have been clearer).
Performance is overall quite good, even on older machines. On newer machines, people don't even notice that it's running.
I admit though, I'm irritated about the issue of the original post, which has NOTHING to do with the product itself. Sounds to me like their entire web dev team needs a serious overhaul, or at least a few more night classes at the local community college ;)
-- I really need to bleed off some of this