Bikermouse, I agree about the suspicious timing. It is likely that the SQL attack was a test of weaknesses, and once they were found it was easy to focus and attack those systems without safeguards. One thing I worry about... if I have a cookie on a site allowing it to verify data, and I'm on a site when it's servers are being probed, can the attackers also sniff my system? Carolly