I'll ignore the issues with the plaintext/reversible passwords since that's a trope that has been bandied about enough lately and ask if anyone has technical details on the hack itself, I'm quite curious if it was a simple SQL injection or something more artful.
I'd tend to lean towards injection, given that it took Russo (apparently?) 2 days to produce a working exploit with what amounts to fiddling around, but if anyone knows where I can read a write-up on it I'd appreciate it.
(Professional curiosity, I'm a web dev and like to be apprised of what catches the more popular sites. Sometimes you get lucky and it's subtle/neat.)
I'd tend to lean towards injection, given that it took Russo (apparently?) 2 days to produce a working exploit with what amounts to fiddling around, but if anyone knows where I can read a write-up on it I'd appreciate it.
(Professional curiosity, I'm a web dev and like to be apprised of what catches the more popular sites. Sometimes you get lucky and it's subtle/neat.)