2 encrypted databases stolen, Java exploit

[Ink]

ZDNET: Java flaw let hackers wage 'sophisticated and sustained attack' on UK retailer Lakeland

Although the homeware retailer has found no evidence that customer data was stolen, Lakeland said it had deleted all passwords for the site and is now asking users to reset them the next time they log in.

After the attack was discovered, "immediate action was taken to block the attack, repair the system and to investigate the damage done, and this investigation continues", Lakeland said.

According to the company, the hackers exploited a Java flaw to access its systems.

Even if nothing is safe, nothing appears to be done about reducing the risks.

Related:
Failure to clean up old Java is leaving enterprises vulnerable to attack

 

[McLovin]

Another reason not to have Java installed, unless you really need it.