Contributors
Jeremiah Grossman
(WhiteHat Security)

Ofer Shezaf
(Breach Security) [Project Leader]

The Web Hacking Incidents Database
Last update:17 February 2008

View Incident By ID

WHID 2007-51: 570 Scarborough & Tweed customers' personal information accessed by SQL injection
Reported: 04 November 2007
Occurred: 30 September 2007

Classifications:

  • Attack Method: SQL Injection
  • Country: USA
  • Outcome: Leakage of Information
  • Vertical: Retail

The web servers of Scarborough & Tweed, a company that does business online selling corporate gifts online, were compromised and information about 570 customers may have been accessed using an SQL injection attack. The information includes customers' names, addresses, telephone numbers, account numbers, and credit card numbers.

References:


Select an Incident:

1999: 1999-1

2000: , 2000-1, 2000-2, 2000-3, 2000-4, 2000-5, 2000-6

2001: 2001-1, 2001-2, 2001-3, 2001-4, 2001-5, 2001-6

2002: 2002-1, 2002-2, 2002-3, 2002-4

2003: 2003-1, 2003-2, 2003-3, 2003-4, 2003-5, 2003-6, 2003-7, 2003-8, 2003-9

2004: 2004-1, 2004-10, 2004-11, 2004-12, 2004-13, 2004-14, 2004-15, 2004-16, 2004-17, 2004-18, 2004-2, 2004-3, 2004-4, 2004-5, 2004-6, 2004-7, 2004-8, 2004-9

2005: 2005-1, 2005-10, 2005-11, 2005-12, 2005-13, 2005-14, 2005-15, 2005-16, 2005-17, 2005-18, 2005-19, 2005-2, 2005-20, 2005-21, 2005-22, 2005-23, 2005-24, 2005-25, 2005-26, 2005-27, 2005-28, 2005-29, 2005-3, 2005-30, 2005-31, 2005-32, 2005-33, 2005-34, 2005-35, 2005-36, 2005-37, 2005-38, 2005-39, 2005-4, 2005-40, 2005-41, 2005-42, 2005-43, 2005-44, 2005-45, 2005-46, 2005-47, 2005-48, 2005-49, 2005-5, 2005-50, 2005-51, 2005-52, 2005-53, 2005-54, 2005-55, 2005-56, 2005-57, 2005-58, 2005-59, 2005-6, 2005-60, 2005-61, 2005-62, 2005-63, 2005-64, 2005-65, 2005-7, 2005-8, 2005-9, 2007-18

2006: 2006-1, 2006-10, 2006-11, 2006-12, 2006-13, 2006-14, 2006-15, 2006-16, 2006-17, 2006-18, 2006-19, 2006-2, 2006-20, 2006-21, 2006-22, 2006-23, 2006-24, 2006-25, 2006-26, 2006-27, 2006-28, 2006-29, 2006-3, 2006-30, 2006-31, 2006-32, 2006-33, 2006-34, 2006-35, 2006-36, 2006-37, 2006-38, 2006-39, 2006-4, 2006-40, 2006-41, 2006-42, 2006-43, 2006-45, 2006-46, 2006-47, 2006-5, 2006-6, 2006-7, 2006-8, 2006-9

2007: , 2007-01, 2007-02, 2007-03, 2007-04, 2007-05, 2007-06, 2007-07, 2007-08, 2007-09, 2007-10, 2007-11, 2007-12, 2007-13, 2007-14, 2007-15, 2007-16, 2007-17, 2007-19, 2007-20, 2007-21, 2007-22, 2007-23, 2007-24, 2007-25, 2007-26, 2007-27, 2007-28, 2007-29, 2007-30, 2007-31, 2007-32, 2007-33, 2007-34, 2007-35, 2007-36, 2007-37, 2007-38, 2007-39, 2007-40, 2007-41, 2007-42, 2007-43, 2007-44, 2007-45, 2007-46, 2007-47, 2007-48, 2007-49, 2007-50, 2007-51, 2007-52, 2007-53, 2007-54, 2007-55, 2007-56, 2007-57, 2007-58, 2007-59, 2007-60, 2007-61, 2007-62, 2007-63, 2007-64, 2007-65, 2007-66, 2007-67, 2007-69, 2007-70, 2007-71, 2007-72, 2007-73, 2007-74, 2007-75, 2007-76, 2007-77, 2007-78, 2007-79, 2007-80, 2007-81, 2007-82, 2007-83, 2007-84, 2007-85, 2007-86

2008: , 2008-01, 2008-02, 2008-03, 2008-04, 2008-05, 2008-06, 2008-07, 2008-08, 2008-09, 2008-10, 2008-11, 2008-12


This work is licensed under the Creative Commons Attribution License. To view a copy of this license, visit http://creativecommons.org/licenses/by/2.5/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.
 
© Copyright 2005, Web Application Security Consortium. All rights reserved.