There have been reposts of concentrated efforts by either hackers or unmanned "bot" networks to exploit vulnerabilities in website code as it applies to sql connections.

We have compiled a knowlegebase article from SecurityTeam.com (http://www.securiteam.com/) that has a great deal of information on preventing these attacks. The best means of prevention is eliminating the possiblity of a malicious attacker injecting special characters (semicolons, single quotes, etc) in to a call to your database.

Please review the article in our knowledgebase on the subject.

http://support.sbwh.com/KB/a27/sql-injection-information.aspx