Herbless - five weeks of 'hacktivism'

14 August - Herbless posts an anti-smoking message on three local authority websites in England and Scotland, including Sheffield City Council, and five websites run by four different government agencies. He hacks the site via a default password setting in SQL server. A company providing web hosting services for one of the websites hit by the attack warns that 300 other sites are also vulnerable. story...

17 August - A team of Microsoft security expects tells vnunet.com the hacks are down to administrators "not reading the manual" before initially configuring their SQL server software, rather than an inherent weakness in SQL. story...

10 September - Herbless reappears, using the same SQL configuration weakness to hack the Legoland website to support DVD crackers sued by the Motion Picture Association of America (MPAA). He posts code for other hackers detailing how to perform copycat attacks. story...

12 September - Herbless hacks two more corporate websites to criticise the MPAA. He uses the same method as before.

13 September - Herbless joins in the petrol protest, posting his support on a claimed 430 to 450 corporate websites that he has hacked. Some 168 sites, including specsavers.com, jobs.co.uk, itforhire.co.uk, travelfocus.co.uk and brandimage.co.uk, are verified by an independent hacker monitor.story...

19 September - Security consultants MIS Corporate Defence Solutions confirms a full list of 450 websites hacked in support of the petrol protestors.

20 September - Herbless hacks HSBC bank in the UK, Spain and Greece using the SQL weakness. HSBC said customer data was not compromised. story...

21 September - Ending his spree of hack attacks in dramatic style, Herbless suddenly announced his retirement from the hacking scene. story...