SAN FRANCISCO – Computer attacks typically don't inflict physical pain on their victims.
The breach triggered severe migraines and near-seizure reactions in some site visitors who viewed the images. People with photosensitive epilepsy can get seizures when they're exposed to flickering images, a response also caused by some video games and cartoons.
The attack happened when hackers exploited a security hole in the foundation's publishing software that allowed them to quickly make numerous posts and overwhelm the site's support forums.
Within the hackers' posts were small flashing pictures and links — masquerading as helpful — to pages that exploded with kaleidoscopic images pulsating with different colors.
"They were out to create seizures," said Ken Lowenberg, senior director of Web and print publishing for the foundation.
He said legitimate users are no longer able to post animated images to the support forum or create direct links to other sites, and it is now moderated around the clock. He said the FBI is investigating the breach.
Security experts said the attack highlights the dangers of Web sites giving visitors great freedom to post content to different parts of the site.
In another recent attack, hackers exploited a simple coding vulnerability in Sen. Barack Obama's Web site to redirect users visiting the community blogs section to Sen. Hillary Rodham Clinton's official campaign site.
The hackers who infiltrated the Epilepsy Foundation's site didn't appear to care about profit. The harmful pages didn't appear to try to push down code that would allow the hacker to gain control of the victims' computers, for instance.