Another Sony site hacked

By Derek du Preez
03 Jun 2011 View Comments
A Sony logo

Sony has apparently fallen prey to yet another hacking attack in which the personal information of more than 1,000,000 users of its SonyPictures.com web site has been compromised.

This is according to hacking group LulzSec, which claims it obtained passwords, email addresses, home addresses and all of the Sony opt-in data associated with the accounts.

Further reading

This news comes shortly after Sony confirmed the restoration of its PlayStation Network (PSN), after a hacking attack that led to millions of users' personal details being compromised.

LulzSec insists this latest attack was made to highlight the firm's lax security, pointing out that it was done using a run-of-the-mill SQL injection.

"Our goal here is not to come across as master hackers, hence what we're about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now," the hacking group wrote in a blog.

"From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?"

LulzSec also claims that all the data it obtained was unencrypted and even customer passwords were held in plaintext.

Reader comments
blog comments powered by Disqus
Newsletters
Windows 10 - will you upgrade?

Microsoft has made an early version of Windows 10 - its next operating system - available for download. The OS promises better integration and harmonisation across platforms, including mobile and desktop. Will your business be upgrading?

25 %
45 %
10 %
20 %