Symantec and ImageShack hacked by "Hack the planet" (HTP)

The HTP group obtained access to the MySQL databases of ImageShack by exploiting typical vulnerabilities and bad system administration that lacked any security hardening. The group also breached Symantec’s information by means of SQL injection, dumping their complete database as well as 4000+ user accounts, many of which appeared to be used by Symantec employees or related companies.

Takeaway: There is no shortcut to protecting the security of your web application—it requires a good web application firewall as well as regular maintenance of systems followed by vulnerability scanning and patching.