• MySQL.com Hit by SQL Injection!

    MySQL.com, the website of the extremely popular database software used worldwide was reported to be compromised today by the use of, ironically, an SQL injection attack.

    This compromise was released into the public domain via a post on Seclists.org:
    http://seclists.org/fulldisclosure/2011/Mar/309

    The group responsible for this disclosure also disclosed passwords, password hashes and other sensitive information.

    The list of passwords, and password hashes were posted at:
    http://pastebin.com/BayvYdcP

    We will be posting new information on this incident as we receive it from our sources. In the meantime if you have an account on MySQL.com, please consider changing your password immediately.