ITPUB

Mar 12, 2021 · Information Security

How a Rookie SQL Mistake by a Former Facebook CTO Led to a $500K Gab Data Breach

A former Facebook engineer, newly hired as CTO of the social platform Gab, introduced a simple SQL injection vulnerability by removing critical reject and filter calls, allowing hackers to steal 70 GB of user data, demand a $500,000 Bitcoin ransom, and expose the company's lax security practices.