Plentyoffish CEO: We Were Hacked, Almost Extorted – So I Emailed The Hacker’s Mom
http://techcrunch.com/2011/01/31/plentyoffish-ceo-we-were-hacked-almost-extorted-so-i-emailed-the-hackers-mom/
Security researcher Chris Russo who disclosed the issue to the Plenty of Fish staff made a video of himself doing the “hacking” and posted it to YouTube. This is what nasty SQL Injection looks in the wild:
http://www.youtube.com/watch?v=7RBYkk5Vq4M
Meanwhile, Russo, who describes himself as a bona fide security researcher, says he and his team only discovered a security vulnerability in the online dating site, that hackers were already exploiting the hole, and that he merely reported it to Frind and co in good faith … Frind says Russo and his team were attempting to extort him.
I think it was Spacerog on HNN who said if you spent the same amount of time on securing your stuff as they did in making videos they may have not been poped in the first place