Oklahoma State Security
How many of you heard about the data leak that occurred in Oklahoma? It didn't get as much press as I thought. Here is a good link to learn about the data leak that occurred. Why did it happen? Bad programming. Plain and simple, it was bad programming that caused this breach. How bad was it? Anyone that had data stored because of a criminal offense was vulnerable.
The sex offender website used a query string to bring back data. Unfortunately, they stored the entire SQL command in the query string. All that was needed to get the entire database back was a 'select * from xxxx' in the query string instead of what was there to begin with. As an application developer, I am appalled that someone could put that kind of code into production. That is a huge security threat and such a basic mistake.