WHID 2007-20: Pirate Bay breach leaks database

Private Bay is a BitTorrent information exchange blog site. Hackers used an SQL Injection vulnerability in the web site to steal 1.6 million users and passwords of the site. At least the passwords where hashed, which means that the hacker would need a cracking software and only the lame passwords will be found.
This incident highlights the Web authentication problem. Just think how many of those users use the same username and password in many other sites.

Additional information:

• Pirate Bay breach leaks database [Security Focus, May 14 2007]
• User data stolen but not unsecured [Private Bay, May 11 2007]
• Pirate Bay says stolen database safe [The Inquierer, May 14 2007]