RIAA website hacked?

Chicago (IL) – The website of the Recording Industry Association of America (RIAA) reportedly has been the target of two attacks of the weekend, one that aimed to overload the server with slow requests and another that deleted the site’s database.

According to an article on TorrentFreak, the initial attack originated on Sunday from a post on Reddit with a link including a slow SQL query aiming at the RIAA site. Comments on the social networking site suggest that there may have been a second, apparently unrelated attack that wiped the database of the RIAA website using a “simple SQL injection”. A SQL injection is known a method to exploit a security vulnerability in the database layer of an application.

There has been no evidence that this second attack actually happened, as the slow SQL queries could have also resulted in the RIAA website being occasionally unavailable as well. It appears that the RIAA’s technology staff resolved the attack and patched its server within hours of the initial SQL hit.

The RIAA website has been the target of several attacks since 2002 and the time when the organization shifted its lawsuit campaign against music pirates into high gear.