The vast majority of those millions of passwords became public after the breach of RockYou.com, a social networking applications site penetrated by cybercriminals using an SQL-injection.
But most of those sites still remain vulnerable to SQL injection--meaning the same group of hackers or a copycat group could use similar techniques to redirect the sites' visitors to another server hosting malicious software, Danchev argues.
Plenty of folks in the cyber security field have debated whether the rise of Anonymous would actually lead to increased spending on services like protection from DDoS attacks, which can temporarily paralyze a website, and SQL injection-type attacks that can raid a database and sometimes purge it of all contents.
Google hacking was first popularized by Johnny Long, a penetration tester who created a Google Hacking Database that allowed anyone to add interesting security search queries that might turn up vulnerabilities to exploits like SQL Injection or Cross-Site Scripting.
The last decade of the 20th century and the early part of the 21st century have seen vulnerabilities like SQL injection make headlines as hackers have stolen millions of credit-card numbers at a time.