14 August - Herbless posts an anti-smoking message on three local authority websites in England and Scotland, including Sheffield City Council, and five websites run by four different government agencies. He hacks the site via a default password setting in SQL server. A company providing web hosting services for one of the websites hit by the attack warns that 300 other sites are also vulnerable. story...

17 August - A team of Microsoft security expects tells vnunet.com the hacks are down to administrators "not reading the manual" before initially configuring their SQL server software, rather than an inherent weakness in SQL. story...

10 September - Herbless reappears, using the same SQL configuration weakness to hack the Legoland website to support DVD crackers sued by the Motion Picture Association of America (MPAA). He posts code for other hackers detailing how to perform copycat attacks. story...

12 September - Herbless hacks two more corporate websites to criticise the MPAA. He uses the same method as before.

13 September - Herbless joins in the petrol protest, posting his support on a claimed 430 to 450 corporate websites that he has hacked. Some 168 sites, including specsavers.com, jobs.co.uk, itforhire.co.uk, travelfocus.co.uk and brandimage.co.uk, are verified by an independent hacker monitor.story...

19 September - Security consultants MIS Corporate Defence Solutions confirms a full list of 450 websites hacked in support of the petrol protestors.

20 September - Herbless hacks HSBC bank in the UK, Spain and Greece using the SQL weakness. HSBC said customer data was not compromised. story...

21 September - Ending his spree of hack attacks in dramatic style, Herbless suddenly announced his retirement from the hacking scene. story...

See also:

Hackers get political during US elections

The main websites of both the US Republican and Democratic parties were broken into just as the country's citizens were preparing to cast their votes for the next president.  08 Nov 2000

UK web banks rapped over security

Think-tank the Foundation for Information Policy Research today launched a scathing attack on the UK's internet banks.  11 Oct 2000

Clock ticking to fix security holes

A leading security warning body will next week take the controversial step of alerting the world to security vulnerabilities in products whether or not vendors have corrected the problems.  06 Oct 2000

How harmless is Herbless?

Although many hackers argue that they are merely airing grievances rather than causing malicious damage, website administrators may unwittingly find themselves subject to libel action if their web pages carry defamatory material.  02 Oct 2000

Hacked websites could face libel threat

Unsuspecting network managers could find themselves at the centre of libel action if their hacked websites publish slanderous statements.  27 Sep 2000

HSBC web host under fire over fuel hack

The external supplier believed to be responsible for managing the areas of HSBC's website vandalised by a hacker this week has been criticised in connection with the incident.  22 Sep 2000

Security: how safe is your data?

While security has always been an issue, the ability of organisations and individuals to keep their confidential data safe not only from prying eyes but also from attack is becoming an ever greater concern. The problem is becoming particularly marked as the world becomes more networked and companies conduct increasing amounts of business over the internet. Here we look at a range of issues that are starting to affect every one of us.  29 Jun 2000

Like this story? Spread the news by clicking below:

 del.icio.us     Digg this     reddit!