One of the pages attacked belonged to the South West Academy of Sport, which was shut down for 30 hours.

Warrnambool private website consultant Dean Berger said the four sites were the victims of a common hacker tactic known as an ``SQL injection attack''.

``It's when there's a hole in the security and they're able to inject their own database query code into your website,'' he said.

``Normally the code they inject will extract a user name and password so they can go in and delete the site's content and put up their own message.''

Warrnambool-based bus company, Coles Coaches' site was also targeted.

SWAS executive officer Jeff Mutsaers said the attack shut down the content management system used by the academy's athletes to retrieve memos, itineraries and programs.