SQL injection attacks are a norm these days with so many websites going "dynamic" with PHP or ASP as their primary languages and "Microsoft SQL Server" or Oracle or MySQL or ... being the database backend. Crafting specific URLs to access assumed private data (usernames, passwords, images, etc) is very possible when developers aren't anticipating what people would try.
Now, I heard about this attack a few weeks ago. Unfortunately, I can't remember if it was an injection attack or just a URL change. But I'm leaning toward the latter.
My answer to all the people who've had "private" nude or sexually based images/videos stolen ... don't make them. The second you make something like that is the second someone could gain access. Whether you accidentally throw it out, leave it out and a room mate/friend looks at it, put it on the Internet, whatever. The best way to hide something like that is not have it exist. ;)
no subject
Now, I heard about this attack a few weeks ago. Unfortunately, I can't remember if it was an injection attack or just a URL change. But I'm leaning toward the latter.
My answer to all the people who've had "private" nude or sexually based images/videos stolen ... don't make them. The second you make something like that is the second someone could gain access. Whether you accidentally throw it out, leave it out and a room mate/friend looks at it, put it on the Internet, whatever. The best way to hide something like that is not have it exist. ;)