|
WHID 2009-6: InfoGov switch hosting due to lack of security |
SQL Injection |
Monetary Loss Planting of Malware |
|
WHID 2009-43: Web Mail Company to Pay Prize After CEO Hacked |
Cross Site Scripting (XSS) |
Leakage of Information Monetary Loss |
|
WHID 2009-33: eBay Fraud Abuses Zero Day XSS |
Content Spoofing Cross Site Scripting (XSS) |
Monetary Loss |
|
WHID 2009-30: Sage SaaS Withdrawn Due to Security Flaws |
Insufficient Authentication Insufficient Authorization |
Monetary Loss |
|
WHID 2009-29: FBI & Secret Service warn of a sophisticated HSM attack |
SQL Injection |
Leakage of Information Monetary Loss |
|
WHID 2009-27: Panasonic Products for Cheap |
Unknown |
Disinformation Monetary Loss |
|
WHID 2008-57: Craigslist's Battle Against Spammers |
Insufficient Anti Automation |
Disinformation Link Spam Monetary Loss |
|
WHID 2008-49: ValueClick weak decryption and vulnerability to SQL injection |
Insufficient Encryption SQL Injection |
Monetary Loss |
|
WHID 2008-47: The Federal Suppliers Guide validates login credential in JavaScript |
Insufficient Authentication |
Monetary Loss |
|
WHID 2008-46: CheckFree customers redirected to fraudsters sites |
DNS Hijacking Unknown |
Monetary Loss Planting of Malware |
|
WHID 2008-42: Chinese hackers steal 9 million items of personal information from South Koreans |
SQL Injection |
Leakage of Information Monetary Loss |
|
WHID 2008-36: RBS WorldPay Data Breach Hits 1.5 Million (Updated) |
Unknown |
Leakage of Information Monetary Loss |
|
WHID 2008-31: Hacker takes $50,000 a few cents at a time |
Insufficient Anti Automation |
Monetary Loss |
|
WHID 2008-15: ValueClick to Pay $2.9 Million to Settle FTC Charges |
SQL Injection |
Monetary Loss |
|
WHID 2008-07: Another Free MacWorld Platinum Pass? Yes in 2008! |
Brute Force |
Monetary Loss |
|
WHID 2008-05: Drive-by Pharming in the Wild |
Cross Site Request Forgery (CSRF) Drive by Pharming Known Vulnerability |
Monetary Loss Leakage of Information |
|
WHID 2007-89: The big TJX hack |
Denial of Service |
Leakage of Information Monetary Loss |
|
WHID 2007-87: Hacker uses Insider information to gain on the stock exhange |
Unknown |
Disinformation Monetary Loss |
|
WHID 2007-71: Hacker uses Social Security numbers from Ohio court site |
Credential/Session Prediction |
Identity Theft Leakage of Information Monetary Loss |
|
WHID 2007-06: Hackers swipe seed company's customers' data |
Unknown |
Leakage of Information Monetary Loss Identity Theft |
|
WHID 2005-64: Woman scammed QVC for $400,000+ in Internet glitch |
Abuse of Functionality |
Monetary Loss |
|
WHID 2004-17: The CardSystems breach was an SQL Injection hack (Updated) |
SQL Injection |
Leakage of Information Monetary Loss |
