Security Expert Re: Freepik Breach Of 8.3 Million Users (SQL injection attack)

Freepik reported that hackers were able to steal emails and password hashes for 8.3M Freepik and Flaticon users in an SQL injection attack against the company’s Flaticon website.

Freepik is one of the largest online graphic resource sites in the world; together, Freepik and the Flaticon database platform total 18 million monthly unique users, 50 million monthly views, and 100 million monthly downloads.

Expert Comments

August 25, 2020
Jayant Shukla
CTO and Co-Founder
K2 Cyber Security
This latest breach of Freepik is believed to have started with an attack using SQL Injection to gain access to users' emails and hashed passwords. SQL Injection is a web application threat that’s been a significant concern since the inception of the OWASP Top 10 list in 2003, so it's troubling that SQL Injection continues to be one of the most exploited vulnerabilities. An estimated 25% of breaches last year started with an SQL Injection attack. Organizations need to take action to better protect themselves against SQL vulnerabilities: 1) implement better coding practices to prevent SQL Injection; 2) run better tests for SQL Injection vulnerabilities before code makes it to production; and 3) make sure they have protection against SQL Injection attacks during runtime.
