Steps after SQL Injection detected
Posted
by
Zukas
on Programmers
See other posts from Programmers
or by Zukas
Published on 2011-02-09T20:26:15Z
Indexed on
2011/02/09
23:34 UTC
Read the original article
Hit count: 222
security
I've come across SQL injection vulnerabilities on my companies ecommerce page. It was fairly poorly put together. I believe I have prevented future attempts however we are getting calls about fraudulent credit card charges on our site and others. This leads me to believe that someone was able to get a list of our credit card numbers. What doesn't make sense is that we don't store that information and we use Authorize.net for the transaction. If someone was able to get the CC#s, what should I do next? Inform ALL of our customers that someone broken into our system and stole their information? I have a feeling that will be bad for business.
© Programmers or respective owner