Skip to main content

Telegraph.co.uk Gets Hacked Using SQL Injection

Another day, another high profile hack; this time, the online website of British UK newspaper Telegraph has apparently been compromised by Romanian whitehat hacking group, Hackersblog.

The group, which aims to put online security problems under the spotlight, provide information that is "a security alarm for internet users and those who forget to pass their scripts through a security check."

Using a suite of web application security testing tools that runs on Mozilla's Firefox browser, a Hackersblog blogger by the name of Unu managed to have exposed users' passwords as well as their emails in plain text rather than hashed.

He managed to reach the 700,000th email address, pointing to the fact that this can be a real treasure for spammers. The Telegraph has yet to reply to the serious claims or post a disclaimer.

According to Softpedia, another Romanian tech website, Unu has been responsible for exposing many other vulnerabilities at Kaspersky Labs, Bitdefender and the National Lottery's website.

Hackersblog has been quite busy lately as they managed to penetrate Symantec's Document download Center section using a SQL injection attack, described as a "blind SQL Injection attacks".

Telegraph subscribers are strongly advised to change their passwords especially if they have been used elsewhere.

Go To Page 2 for our comments and more related links

Our Comments

If this is right, the Telegraph (and certainly many other news websites) could be in big trouble. Hackers start to turn their unwanted attention to UK online news websites following Hackersblog disclosure. Should this ethical hacker website be silenced? Certainly not. They act as whistle-blowers highlighting what amounts to gross negligence by firms which should have known better.

Related Links

UK Telegraph web site compromised (opens in new tab)

(TrendMicro)

Telegraph.co.uk hacked, sql injection (opens in new tab)

(Hackersblog)

Hacker Group Alerts of SQL Attacks on Symantec’s Website (opens in new tab)

(Spamfighter)

HackersBlog at it again: e-mail addresses exposed on Telegraph.co.uk (opens in new tab)

(Thetechherald)

Telegraph.co.uk Website Hacked (opens in new tab)

(Softpedia)

Telegraph website is hacked, says blog (opens in new tab)

(Techradar)

Désiré Athow
Désiré Athow

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at ITProPortal.com where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.