News Section Logo NEWS - Return to news section

 

Sony Possibly Hacked Again, 1 Million Passwords Accessed, Claims Hackers

Posted by: , 00:07 AEST, Sat June 4, 2011

Permanent Link     Add Comments
Sony is facing more hacker trouble, after hacking group LulzSec claims they've managed to hack SonyPictures.com and gain access to a million user accounts, including passwords

Just when Sony thought things were finally getting back to normal, comes the news that SonyPictures.com has been hacked, and up to one millions passwords may have been stolen.

Hacking group LulzSec, who recently made headlines by hacking the website of PBS (in protest of their story on Wikileaks), has claimed responsibility. Posting on pastebin, LulzSec states that they were able to access the account details of more than one million SonyPictures.com users, along with 75,000 "music codes" and 3.5 million "music coupons". It appears only a small sample of data was taken, as the group says they lacked the resources to download everything, which would have taken weeks. The sample has been uploaded to the Internet by the group.

Amongst information that the group accessed include personal details, home addresses, email addresses, date of birth and other opt-in data.

And it appears Sony has not learned their lesson from the PSN hacking fiasco by performing a security audit all of their web assets. LulzSec claims that their hack was one of the simplest imaginable, a SQL injection type that can only happen due to poor programming on Sony's part. And worse yet, all of the passwords appears to have been stored in the database as plain text, with no encryption or hashing - a big security no-no.

From the statement posted by LulzSec, it appears the security hole may still be open, and the group has dared others to follow in their footsteps to retrieve more information, having provided instructions to do so. 

Sony has yet to issue a statement at the time of writing.

Do you feel sorry for Sony now that they've become a magnet for hackers, or do you think that a multi-billion dollar company should know better when it comes to security? Post your opinion in this news article's comments section, or in this forum thread:

http://forum.digital-digest.com/showthread.php?t=94902


Comments:

Related News:

News Icon PSN Hack: Hacker Accesses Personal Information, Credit Card Details Possibly Stolen

posted by: Sean F, 11:55 AEST, Wed April 27, 2011

News Icon Sony: 25 Million More Account Information Stolen

posted by: Sean F, 13:47 AEST, Tue May 3, 2011

News Icon PSN Hacker Attempts To Sell Stolen Data, Including Credit Card Numbers

posted by: Sean F, 15:33 AEST, Sat April 30, 2011

News Icon French "Three Strikes" Monitoring Firm Hacked

posted by: Jason F, 16:07 AEST, Wed May 18, 2011

News Icon Sony Settles Lawsuit With geohot, Hotz Plans Sony Product Boycott

posted by: Sean F, 16:31 AEST, Wed April 13, 2011