Another one bites the dust. F-Secure can be added as another notch on the belt of hacker Unu. Geek.com reports that the Romanian hacker was able to launch an SQL injection attack on the security vendor and gain access to one of its servers. The hacker has already breached the defenses of well-known security vendors Kaspersky and BitDefender with the same attack.
In a statement to news reporters, an F-Secure spokesman commented, "It is slightly embarrassing as a security company that we have had the breach. We certainly want to ensure that all of our servers are patched to the levels that they should be."
I just can't do business with a security vendor that is telling me how to do security when they are not doing it themselves. Security vendors need to be securing servers and their network better than the rest of us. This may seem harsh, but would you take your car to a mechanic that has told you to make sure you change your oil on a regular basis and then find out that he ran his car out of oil? What's your opinion? Can you look past these security vendors (BitDefender and Kaspersky) being hacked and trust your company's networks and data to them?