Kaspersky Lab’s US Web site was recently hacked through a security vulnerability that the company’s developers had overlooked.
"Kaspersky is one of the leading companies in the security and antivirus market. It seems as though they are not able to secure their own databases," stated the hacker, known as Unu, through a post on hackerblog.org. "Alter one of the parameters and you have access to EVERYTHING: users, activation codes, lists of bugs, admins, shop, etc," he also added.
He managed to hack into the company’s Web site by launching a SQL attack that exposed information by entering secret username and password information.
Roel Schouwenberg, senior antivirus researcher for Kaspersky Lab, explained that as soon as the breach was discovered, the company "immediately contacted the right people, shut down the vulnerable part of the Web site within 15 minutes and reinstated the old version of the support site." He added that the incident was indeed the company’s fault, as it could have done more to identify the vulnerability, and that the system is currently being improved to make sure that such attacks will not be possible in the future.
Kaspersky officials explained that the intrusion did not involve customer credit card information, which is handled by a separate third party. The hacker, who was located in Romania, only managed to lift the names of the tables, as the folders with the actual data were not accessed.