UPDATE: Thanks to our commenter below who points out it that was the website of a BitDefender affiliate, not the actual company itself, that was hacked
A Romanian ‘white-hat’ hacker has successfully hacked into the websites of Russian IT security provider Kaspersky Lab and an affiliate of US antivirus vendor BitDefender.
According to a group called the Romanian Security Team, the hacker achieved full access to the database supporting the websites – which includes customer data – by simply altering a parameter in the URLs. They also found that they could perform SQL injections, remotely introducing harmful code into the database.
The group behind the hack say they have alerted the two companies of the security flaw. They have not exposed any of the data they found.
"On Saturday February 7 2009, a vulnerability was detected on a subsection of the usa.kaspersky.com domain when a hacker attempted an attack on the site," Kaspersky said in a statement.