Subscribers to ISP news and review site DSLReports.com have been notified that their e-mail addresses and passwords may have been exposed during an attack on the Web site earlier this week.
The site was targeted in an SQL injection attack yesterday and about 8 percent of the subscribers' e-mail addresses and passwords were stolen, Justin Beech, founder of DSLReports.com, wrote in an e-mail to members. That would be about 8,000 random accounts of the 9,000 active and 90,000 old or inactive accounts created during the site's 10-year history, Beech said in an e-mail to CNET today.
"The data was taken on Wednesday afternoon, recognized and blocked at 7 p.m., and by Wednesday evening all the active accounts received e-mail notifications advising them to change their password if they share it with that e-mail address and all passwords were changed at that time," he wrote. "My hope is that few if any members will actually lose more than time to change passwords that they share among other sites."
The site has reset the passwords for those affected and members who use the same password on other sites, as noted above by Beech, were urged to change those passwords to prevent those accounts from being compromised. … Read more