The Heartland Payment Systems Breach (2008)
The Heartland breach remains one of the most damaging SQL injection attacks on record, exposing roughly 134 million credit and debit card numbers. The intrusion began with an ordinary SQL injection flaw in a web-facing corporate application, but its impact rippled through the entire payment processing ecosystem because that flaw became the entry point to the payment network itself.
The attackers used SQL injection to gain an initial foothold, then spent months moving laterally from the corporate network into the payment processing environment, where they installed packet-sniffing malware. For months afterwards the sniffers captured card data in the clear as it crossed Heartland's internal network during authorization. The direct cost exceeded $140 million in fines, legal fees and remediation, before counting the reputational damage.
Key lessons from Heartland:
- Network Segmentation: A compromise of a public-facing web application should never have provided a path into the payment processing systems; the cardholder data environment was reachable from the corporate network
- Encryption in Transit: Card data was protected at rest, but it crossed the internal network unencrypted while being processed, which is exactly where the sniffers were listening
- Detection Failures: The intrusion and the exfiltration continued for months without being noticed internally; Heartland learned of it only when the card brands reported fraud patterns traced to cards it had processed
- Compliance vs. Security: Heartland had passed its PCI DSS assessment in 2008, yet compliance did not prevent the breach; a point-in-time audit is not the same as continuous security
Technical analysis indicates the initial vector was likely a form input whose value was concatenated directly into a SQL statement, so a single quote in the input terminated the string literal and let the attacker supply the rest of the query. Escaping or filtering quotes is a fragile answer to this; the reliable fix is parameterized queries, in which the statement text and the user-supplied values travel to the database separately and the input can never be parsed as SQL. That basic, preventable vulnerability cascaded into one of the largest data breaches in history.
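The pattern described above, shown as an added example that is not Heartland's code and does not reproduce its actual application: a login check built by string concatenation beside the same check written with placeholders. The table name, column names and the `make_db` fixture are assumptions constructed for the demonstration; the two payloads are classic quote-termination injections, one using a SQL comment to drop the password check and one using a tautology.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample database (hypothetical schema, not Heartland's)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password_hash) VALUES (?, ?)",
        [("admin", "h_admin"), ("alice", "h_alice")],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password_hash: str):
    """Vulnerable: the inputs are spliced into the statement text.

    A single quote in either value closes the string literal, and whatever
    follows is parsed as SQL. Returns the matched user id, or None.
    """
    sql = (
        f"SELECT id FROM users WHERE username = '{username}' "
        f"AND password_hash = '{password_hash}'"
    )
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_parameterized(conn: sqlite3.Connection, username: str, password_hash: str):
    """Hardened: the statement text is fixed; values are bound to placeholders.

    The driver hands the values to the engine separately from the SQL, so a
    quote, a comment marker or a keyword in the input is only ever data.
    Escaping quotes by hand is not equivalent: it misses unquoted numeric
    fields and is easy to forget on one code path.
    """
    sql = "SELECT id FROM users WHERE username = ? AND password_hash = ?"
    row = conn.execute(sql, (username, password_hash)).fetchone()
    return row[0] if row else None


# Constructed attacker inputs: terminate the literal, then comment out or
# short-circuit the rest of the WHERE clause.
PAYLOAD_COMMENT = ("admin'--", "wrong")
PAYLOAD_TAUTOLOGY = ("nobody", "' OR '1'='1")


def demo() -> dict:
    """Run both payloads against both implementations and report the outcomes."""
    conn = make_db()
    results = {}
    for name, (user, pw) in (("comment", PAYLOAD_COMMENT), ("tautology", PAYLOAD_TAUTOLOGY)):
        results[f"vulnerable_{name}"] = login_vulnerable(conn, user, pw)
        results[f"parameterized_{name}"] = login_parameterized(conn, user, pw)
    # A legitimate login still works through the parameterized path.
    results["parameterized_legit"] = login_parameterized(conn, "alice", "h_alice")
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Against the concatenated query, `admin'--` logs in as user 1 without any password because everything after `--` is a comment, and the tautology payload returns the first row because `AND` binds tighter than `OR`; the parameterized version returns no match for either payload while still authenticating the real credentials.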