Ever wanted to have administrator access to a .edu or a .mil site? According to the blog at Imperva’s web site, now is your chance.
For prices ranging up to $499, you can purchase the credentials for full administrative access to a variety of sites. If you’d rather just have the PII (Personally Identifiable Information) instead, that’s also available.
Odds are good that this information and access was gathered using simple, automated, run-of-the-mill SQL Injection attacks and other simple web vulnerabilities. If your web site is running code written by amateurs, or even by seasoned programmers without the experience to write secure code on the web, you should probably look into a vulnerability assessment or code audit. After all, it’s better to find the hole yourself before the bad guys do, right?