Website flaw exposed a Canadian ISP’s entire customer database

Zack Whittaker reports:

Canadian internet provider Altima Telecom has fixed a flaw in its website that could have given an attacker full access to its customer database.

The customer database was connected to the company’s website, but could be remotely accessed with a blind SQL injection attack. Daley Borda, founder of Underdog Security, found the bug and reported it to TechCrunch, which we passed on to Altima.

Read more on TechCrunch.

About the author: Dissent

Comments are closed.