MySQL Web Site Falls Victim to SQL Injection Attack
Over the weekend, Oracle's MySQL.com customer site was compromised by two hackers, who publicly posted usernames and some passwords of the site's users.
"TinKode" and "Ne0h" took credit for the hack and wrote that it was a result of SQL injection attacks. No further details were provided. The domains hit were given as www.mysql.com, www.mysql.de, www.mysql.fr, www.mysql.it and www.jp.mysql.com.
A post on the Full Disclosure bug mailing list on Sunday said that MySQL.com ran a variety of internal databases on an Apache web server. The details posted included a selection of password hashes, some of which have now been cracked.
Among the information posted on Pastebin were passwords for a number of MySQL database users on the server and the admin passwords for the corporate blogs of two former MySQL employees: former director of product management Robin Schumacher and former VP of community relations Kaj Arno. Neither blog had been updated for over a year.
Sucuri, a security company that monitors websites for hacking attacks, advised anyone with an account on MySQL.com to change their password quickly, especially if that password was also used on other sites.
Oracle did not have an immediate comment.