back to article Daily Telegraph hit by SQL hack attack

Vulnerabilities on a Daily Telegraph website have been exposed by serial grey-hat hacker Unu. In a posting on the hackersblog site Unu outlines a number of SQL injection security weaknesses on the newspaper's website. The entry, which includes screenshots to substantiate the claim, claims that subscriber email addresses were …


This topic is closed for new posts.
  1. Adrian Challinor

    Old but good

  2. Anonymous Coward
    Anonymous Coward


    Considering its front page search box accepts "><iframe src="blah blah"> happily, it's not so surprising. Then that's middle England for you, standards slipping, etc.

  3. Man Outraged

    Ah - that makes a refreshing change...

    A company taking prompt action, acknowleding a weakness and thanking the hacker? Whatever has the world come to. I guess guys at The Telegraph are expert at handling PR issues - a few other companys I could name but won't should follow their lead...

    Calm today.

  4. Dennis

    Re: Ah - that makes a refreshing change...

    "thanking the hacker"

    Err .... I read the article again and I can't see anywhere where the hacker is thanked. Yes they acknowledged the problem and yes they took prompt action. But there's no mention of thanking the hacker, merely acknowledging that the problem was reported by

  5. This post has been deleted by its author

  6. Anonymous Coward
    Anonymous Coward

    Fun with the Telegraph

    You can have some other fun with the Telegraph links....

    For example, here's their article about the Spotify hack:

    and here's the same article with a much funnier URL:

    I'm sure you can all think up some better URLs than me ;-)

  7. Man Outraged


    Sorry Dennis I read the full statement over at the Maily Telegraph:

    "Now hackers are rarely embraced as being friends but in this instance it's important to thank the team at for bringing these issues to our attention..."

  8. Edward Miles

    Plain-text passwords?


  9. Jord


    Surely one of the best names in the nistory of the world...?

  10. Dennis

    Re: Hmm

    "Take responsibility for security on your own site"

    "It was a third party who done it, not us"

    Obviously you don't rely on a garage to service your car - you take responsibility and do it yourself.

    And you don't rely on parts from the manufacturer - you take responsibility and make your own brake pads.

    And you don't rely on farmers and supermarkets - you take responsibility and grow all your own food.

  11. James Condron

    Oh Sheeeyugah

    I bought a copy of that paper earlier (All out of the Daily Sport at Scunthorpe train station) and now feel ill... Is that Scunthorpe or was my newspaper carrying some sort of viral payload? Should I consult an undertaker?

  12. Daniel Free

    yet another reason

    that companies should be required to have a hand written acceptance letter before they are allowed to share data with any "partner" sites or businesses.

  13. Eric Pinkerton


    From Trends Security Suggestions (Linked from article)

    "Trend Micro recommends the usage of the Comma Delimited Format when saving or exchanging Excel spreadsheets. Comma Delimited files (with the .csv file extension) have the same functionality as regular workbooks (with the .xls extension) ."

  14. Martin Pittaway

    Decision Making Process

    Will I ever understand why intelligent people persist in using an operating system that is so wide open to abuse. Microsoft will never adopt the same operating ethos as Apple so why not buy the Apple in the first place rather than wish you had?

  15. David Lawrence

    Apple Fanboi alert - Martin Pittaway

    I wondered how long it would take for a fanboy to post a totally irrelevant comment about how good Apples are. What's that got to do with a website being attacked in this way exactly? Are you suggesting people should run enterprise-sized sites on Apple hardware and software?

This topic is closed for new posts.

Other stories you might like

Biting the hand that feeds IT © 1998–2022