Sony gets PWNED once again by Hackers. This time their sonypictures gets compromised and over 1 million of user data gets stolen.
The team of hackers is named as LULZSEC (Laughing at your security since 2011).
Greetings folks. We’re LulzSec, and welcome to Sownage. Enclosed you will find various collections of data stolen from internal Sony networks and websites, all of which we accessed easily and without the need for outside support or money.
The group of Hacker claim that :
We recently broke into SonyPictures.com and compromised over 1,000,000 users’ personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts. Among other things, we also compromised all admin details of Sony Pictures (including passwords) along with 75,000 “music codes” and 3.5 million “music coupons”.
The LULZSEC hacked the database with a single SQL injection Tool.
Our goal here is not to come across as master hackers, hence what we’re about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?
Looks like Sony didn’t learned the lesson after the first Attack on it on the PSN Network. Lets hope Sony wakes up soon and provide its user with the best security online.
/* Style Definitions */
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-bidi-font-family:”Times New Roman”;
Sony Pictures Entertainment has released the following statement from EVP of Global Communication:
Jim Kennedy: ”We are looking into these claims.”
This all is happening to Sony because they filed a lawsuit against GeoHot for PWNING PS3. If Sony says sorry to GeoHot, the attacks might Stop.