WHID 2008-15: ValueClick to Pay $2.9 Million to Settle FTC Charges

In this case SQL injection was not the root cause, but rather the justification. Just as Al Capone was arrested at the end of the day for tax evasion, ValueClick, which seems to infuriate the FTC over many nasty commercial misdeeds, was caught at the end of the day for SQL injection, presumably left open against the company written security policy.

The FTC settlement cost ValueClick a record amount of $2.9 million dollars, plus 20 years of rigorous security procedures that will probably cost as much if not more. On top of that, eBay, a major partner, left ValueClick as a result.>

Additional information:

ValueClick to Pay $2.9 Million to Settle FTC Charges [Federal Trade Commision, Mar 17 2008]
eBay dumps ValueClick [The Register, Mar 17 2008]

Attack Method:

SQL Injection

Incident Outcome:

Monetary Loss

Add new comment

WHID 2008-15: ValueClick to Pay $2.9 Million to Settle FTC Charges

Web Application Firewalls

Web 2.0 Security

Further Research

Science or Religion?

You are here

WHID 2008-15: ValueClick to Pay $2.9 Million to Settle FTC Charges

Web Application Firewalls

Web 2.0 Security

Further Research

Science or Religion?

Search form