Unu is back! 8.000.000 is the magic number – gamespot.com
From Hackers Blog:
“Unu”, the ex HackersBlog member that stole the spotlight with his findings in internet security has come up with a new, very interesting finding. He gained access to personal data of a very large website.
According to unu, over 8.000.000 (that 8 followed by 6 zeros!! 8 Millions) member accounts of gamespot.com have been at the mercy of anyone who could take advantage of them by means of SQLi. In the mail sent to us, “unu” says that using that SQLi anyone could extract client details such as: home address, DOB, email, and more. He backs up his claims with screenshots on personal deatils of user 2.800.000. Passwords were not in plain sight in this case so gamespot.com users can feel safe (sic).
I don’t see any statement on gamespot.com. Gunter Ollman also notes the absence of a statement confirming or denying the problem on his blog.