Hacker Steals $100,000 From ISP Users Bank Accounts

Internet Theft

Hacker Steals $100,000 from Users of California based ISP using SQL Injection

2013-10-24_0047It was recently reported that a hacking group calling itself ‘TeamBerserk’ reported via Twitter that, they have stolen $100,000 from peoples bank accounts after using SQL Injection to hack into a California Internet Service Provider’s database and download all their customers user names and passwords.

SQL Injection is one of the most common security vulnerabilities on the Internet.  But it can only be successful when the web application it’s launched against is not sufficiently secured.  This is where keeping your WordPress site updated becomes so critical.  The updates to plugins, themes, and WordPress itself patch holes that hackers have discovered where they can utilize these exploits and gain access to things like your database.

Video proof was uploaded which shows how the hackers used SQL Injection to gain access to the ISP’s database and download email addresses, user names, and unencrypted passwords.

SQL Injection bank hacked 4

Using SQLmap, an automated SQL Injection Tool, hackers took less then 15 minutes to gain access to the Customer data base at the ISP and download it.  They then took at random one persons username and relative password and used it at Paypal, gmail, and even Citibank account logins and it worked, simply because the victim used the same password at all the websites.

Hacker stole $100,000 from Users of California based ISP using SQL Injection

After all it’s so hard to remember multiple passwords pretty much everyone uses the same one everywhere they go online.  I know I used to, and I’ll bet you still do.  But this shows why, at the very least, you should use different and strong passwords at any sites where your personal or financial information is stored.  Bank accounts, credit cards, etc., should all have solid and individual passwords.

And it’s easy to keep track of passwords if you use a reliable plugin to help with the task.  I use LastPass which is a Free tool and very easy to work with.

So if you have the same password that you use for blogging, Facebook and the like on your bank and credit card logins now might be a good time to think about changing them.

About Scott

Scott runs iBizz Marketing Solutions designing websites and social media pages for a wide range of clients. He has held a fascination with computers and programming specifically since grade 8 when the first Commodore Pet PC's were installed in his classroom and he realized he could program them to create just about anything. When not working for clients he works on his own websites teaching others how to use WordPress to build dynamic websites and secure them from hackers. If you're interested in learning how to Build your own websites check out WordPressMastersAcademy.com. You can also find him on Google+

Thoughts and Comments