21CTO

Mar 6, 2021 · Information Security

How a Rookie SQL Injection Mistake Cost Gab’s CTO and Users 70 GB of Data

A recent DDoSecrets leak revealed that Gab’s new CTO introduced a simple SQL injection flaw in the Rails codebase, allowing hackers to steal 70 GB of user data, prompting the CEO’s public apology, code deletions, and a stark reminder of the importance of secure coding practices.