Plentyoffish CEO: We Were Hacked, Almost Extorted – So I Emailed The Hacker’s Mom
http://techcrunch.com/2011/01/31/plentyoffish-ceo-we-were-hacked-almost-extorted-so-i-emailed-the-hackers-mom/
Security researcher Chris Russo who disclosed the issue to the Plenty of Fish staff made a video of himself doing the “hacking” and posted it to YouTube. This is what nasty SQL Injection looks in the wild:
http://www.youtube.com/watch?v=7RBYkk5Vq4M
Meanwhile, Russo, who describes himself as a bona fide security researcher, says he and his team only discovered a security vulnerability in the online dating site, that hackers were already exploiting the hole, and that he merely reported it to Frind and co in good faith … Frind says Russo and his team were attempting to extort him.