MySQL website comprimised by blind SQL injection attack

I found this new story to be quite ironic: http://www.h-online.com/security/news/item/MySQL-allegedly-hacked-via-SQL-injection-1216281.html

Apparently the public facing mysql.com site was attacked through a blind SQL injection attack: ( https://secure.wikimedia.org/wikipedia/en/wiki/SQL_injection#Blind_SQL_injection ) and the internal database structure published by the hacker as proof.

It really shows why Injection is #1 on the OWASP Top 10 list ( http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project )  when a large SQL vendor (Owned by Oracle) can’t even protect  against Blind SQL Injection on their public facing site!