WHID 2008-15: ValueClick to Pay $2.9 Million to Settle FTC Charges
In this case SQL injection was not the root cause, but rather the justification. Just as Al Capone was arrested at the end of the day for tax evasion, ValueClick, which seems to infuriate the FTC over many nasty commercial misdeeds, was caught at the end of the day for SQL injection, presumably left open against the company written security policy.
The FTC settlement cost ValueClick a record amount of $2.9 million dollars, plus 20 years of rigorous security procedures that will probably cost as much if not more. On top of that, eBay, a major partner, left ValueClick as a result.>
- ValueClick to Pay $2.9 Million to Settle FTC Charges [Federal Trade Commision, Mar 17 2008]
- eBay dumps ValueClick [The Register, Mar 17 2008]