Hackers pants antivirus database
By Angela Gunn | Published February 9, 2009, 5:53 AM
A good cook can burn a dish, a good outfielder can drop a can o' corn, and a good antivirus company can apparently have a big gap in their database defenses, as poster "unu" makes abundantly clear at HackersBlog at the moment.
The compromised site is kaspersky.com, and though unu was kind enough to blot out some of the crucial details of the vulnerability in his/her post, it appears that simply changing a few parameters breaches a SQL database containing users, activation codes... well, unu provides quite the list of tables. Can't have been much of a fun weekend over at Kaspersky with that flapping in the breeze.
Kaspersky signs in with their take on events. (Same link as given by BadIronTree, but with perhaps a less inscrutable comment preceding it.)
http://www.kaspersky.com/news?id=207575747
Score: 0
|All are B.S.
http://www.kaspersky.com/news?id=207575747
Score: 0
|How can we trust Kaspersky when they can not even protect their OWN assets!! ALL THIS COMPANY DOES IS PROVIDE SOFTWARE TO PREVENT ATTACKS.. Now they fall to a script kiddie? SQL attacks are very old..
Score: 0
|I think they call that "a schoolboy error"...
Score: 0
|I never did understand hacking and the deliberate destruction of other people's property. I hope they catch the little critter and even though most of them think they cannot be caught, they will be. It is indeed a sad world we live in when people think these things are funny.
Score: -2
|I agree ... they should institute judicial caning for stuff like this.
Score: -1
|People will never stop trying to break something for various selfish reasons (revenge, money, etc). And these people will not advertise the fact that they broke something. Instead they will try to make it look perfectly normal, while they siphon sensitive data out of the system they cracked.
This will never stop.
So, when someone cracks something for fun, it's not really a problem. It prompts system maintainers to fix the breach, which in turn will prevent the system from being compromised in the future. And if some data is lost...well, ever heard about 'backups'?
Score: 0
|Which would you rather: Your system hacked by someone out for their own gain, or someone who's doing it just to prove a point?
Thought so.
Score: 0
|You are right, anyone pointing to engineering errors should rot in prison. This will make us all safer, or at least it will make us feel safer, and that's all that matters, right?
Score: 1
|So you're stating that every time you've had an issue with a device or product and you've called tech support, by you calling tech support and pointing out an engineering flaw, that you should rot in prison? Every web site has security flaws, it's a nature of coding. No one can make an absolute secure program or site because there will always be user intervention. The only way to make something secure is to remove human interaction. I think it's good that "unu" pointed out the fact that company sensitive data could be exposed and clearly by looking at the URL in the screen shots he was in fact using a SQL injection. The fact that he was nice enough to post and let the developers know that there was a bug. I know as a site developer I would like to be notified when an exploit was found. This only makes the developers at Kaspersky better developers by showing them this type of attack is possible.
Score: 0
|You might try reading more than the first line of a post, genius.
Score: -1
|Hacking and "deliberate destruction of other people's property" are not necessarily the same thing. It's *malicious* hacking that I'm concerned about.
Score: 0
|Define "malicious".
It's going to cost them. Time spent fixing it, covering their PR nightmares, and so on.
Had this hacker let them know privately things might be different.
Now they have suffered a PR meltdown and have to allocate funds immediately (in these times), instead of planning and strategically fixing it.
This was malicious.
Score: 0
|PC_Tool, I was referring to LakotaElf's implication that all hackers are into doing destructive and malicious things. To me, that shows an ignorance of the various meanings of the term "hacker". Probably never heard of a white hat hacker, let alone a jedi hacker. Tiger term or samurai? Maybe a tiger team. Probably thinks crackers are a food item.
Score: 0
|Careful.. Polly's getting hungry.