Websites are more important than ever for businesses. They provide online stores, account access, help features and more. Now imagine that someone locked all of your customers out of your website and demanded a ransom from you to let them back in. This type of attack has the potential to drive away customers and sink your business.
[Company] X was using phpBB for its online customer forum.
So the crooks broke in and hacked the PHP code that dealt with the user database.
A Swiss security company recently wrote about this kind of attack. Once the hackers had access to the customer information, they scrambled information like usernames, passwords and email addresses. The hackers had a key that kept the information unscrambled until they decided it was time to attack. So, everything on the website appeared normal until they decided to remove the key.
Then, customers found they could no longer log in to their accounts because their normal usernames and passwords had been turned into a random assortment of letters, numbers and symbols on the backend of the website.