Earthlink Subject to Major Security Flaw
Saw this over at HNN
A flaw in Extropia's e-commerce software left Earthlink open to a directory traversal vulnerability. Combined with an unprotected password file, Earthlink servers were at risk for nearly a week after the flaw had been publicized on Bugtraq. As many as 81,000 accounts were subject to attack during the time the servers were open to infiltration.