Today Eircom released an announcement stating that the details of up to 8,404 users of its StudyHub service are at risk following a breach of the StudyHub server. Affected users have been notified and advised to change their password. The breach has also impacted another 2,500 users of the service who were not Eircom customers, and StudyHub has taken the step of notifying all 20,000 of its users about the breach and recommending that they too change their passwords. Eircom have contacted the Gardai and also notified the Data Protection Commissioner’s office about the breach.
According to an article in The Journal.ie, “It’s believed the breach took the form of an SQL attack, in which a bogus query is sent to the website to extract information”, which is most likely a description of an SQL injection attack.
If this breach is the result of an SQL injection attack then it is disappointing, as this attack vector has been known about for many years, the defences against it (most importantly, parameterised queries) are just as well established, and it has been the source of many other well-publicised breaches.
If you are responsible for a website hosting applications, you should look at resources such as the OWASP Top Ten list for ways to address this type of attack. Other resources to look at include the CWE/SANS Top 25 Most Dangerous Programming Errors and the SAFECode initiative.
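For readers wondering what “a bogus query sent to the website” looks like in practice, here is an added example written for this post; it is not code from Eircom, StudyHub or The Journal.ie, and nothing is known about how the StudyHub application was actually built. It creates a throwaway SQLite user table from constructed rows, shows a lookup that splices user input straight into the SQL text beside the parameterised form the OWASP guidance recommends, and runs two classic injection payloads through both. The table layout, sample rows, payloads and function names are all assumptions for the demonstration.

```python
import sqlite3

# Constructed sample data standing in for a service's user table. These rows,
# the table layout and the function names are assumptions for this example and
# are not taken from the StudyHub breach or the article it is based on.
SAMPLE_USERS = [
    ("alice", "alice@example.com", "5f4dcc3b5aa765d61d8327deb882cf99"),
    ("bob", "bob@example.com", "d8578edf8458ce06fbc5bb76a58c5ca4"),
    ("carol", "carol@example.com", "e99a18c428cb38d5f260853678922e03"),
]

# Two payloads of the kind the article calls a "bogus query". Each closes the
# string literal the application opened and then adds SQL of the attacker's
# choosing; the application's own trailing quote closes the final literal.
TAUTOLOGY_PAYLOAD = "x' OR '1'='1"
UNION_PAYLOAD = "x' UNION SELECT name, sql, type FROM sqlite_master WHERE '1'='1"


def make_db():
    """Create an in-memory SQLite database populated with the constructed users."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT, pw_hash TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, email, pw_hash) VALUES (?, ?, ?)", SAMPLE_USERS
    )
    conn.commit()
    return conn


def lookup_user_vulnerable(conn, username):
    """Deliberately vulnerable: the username is spliced into the SQL text, so the
    database parses whatever the client sent as part of the statement itself."""
    query = (
        "SELECT username, email, pw_hash FROM users "
        f"WHERE username = '{username}'"
    )
    return conn.execute(query).fetchall()


def lookup_user_safe(conn, username):
    """Hardened: the statement text is fixed and the username is bound as a
    parameter. The engine treats it as data only, so quotes and keywords inside
    it can never change the structure of the statement."""
    query = "SELECT username, email, pw_hash FROM users WHERE username = ?"
    return conn.execute(query, (username,)).fetchall()


def compare(username):
    """Run both lookups against a fresh database for one input and return the
    rows each one hands back, so the leak is visible side by side."""
    conn = make_db()
    vulnerable_rows = lookup_user_vulnerable(conn, username)
    safe_rows = lookup_user_safe(conn, username)
    conn.close()
    return {"vulnerable": vulnerable_rows, "safe": safe_rows}


if __name__ == "__main__":
    for label, payload in [
        ("legitimate", "alice"),
        ("tautology", TAUTOLOGY_PAYLOAD),
        ("union", UNION_PAYLOAD),
    ]:
        result = compare(payload)
        print(f"{label:11s} vulnerable={len(result['vulnerable'])} rows, "
              f"safe={len(result['safe'])} rows")
        for row in result["vulnerable"]:
            print("   ", row)
```

With the legitimate username both lookups return the single matching row. The tautology payload turns the concatenated statement into `WHERE username = 'x' OR '1'='1'`, so the vulnerable lookup dumps every user and their password hash in one request. The UNION payload goes further and pulls the schema out of `sqlite_master`, the same technique an attacker uses to discover which real tables to read next. The parameterised lookup returns nothing for either payload, because the entire input is compared as a literal username rather than interpreted as SQL.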
This is the second major breach experienced by Eircom customers in the past few months. The last breach was the loss of a number of unencrypted laptops affecting over 6,000 customers.