Hacker group raids Sony Pictures in latest breach

Share this article:

Fresh off the successful infiltration and defacement of the PBS website, the hacktivist collective known as LulzSec said Thursday that it has compromised the personal information of more than one million users of SonyPictures.com.

The revelation deals another devastating blow to a company already reeling from a number of recent intrusions, most notably the breach of the Sony PlayStation Network, one of the largest reported data theft incidents of all time.

In a news release, LulzSec said its members exploited a common SQL injection vulnerability to gain access to internal Sony networks and websites. The hack yielded the passwords, email addresses, home addresses, birth dates and other account information belonging to more than one million users. The intruders posted some of the booty on their newly created website.

The group also claimed it made away with 3.5 million music coupon codes, which apparently can be used to redeem songs that appear in film soundtracks.

A Sony Pictures spokesman told SCMagazineUS.com that the company was investigating the claims.

The hackers said they did not have the resources or money to copy everything they compromised in their campaign, which they nicknamed "Sownage," but they posted samples to their website "to prove its authenticity."

"From a single injection, we accessed everything," the group said in the news release. "Why do you put such faith in a company that allows itself to become open to these simple attacks? What's worse is that every bit of data we took wasn't encrypted...This is disgraceful and insecure: They were asking for it."

Sony has drawn the ire of groups like LulzSec and Anonymous in recent months because the company is pursuing legal action against George Hotz, a hacker who allegedly violated federal copyright law by jailbreaking the PlayStation 3.

However, both groups have denied being responsible for the massive PlayStation Network heist.

Share this article:
close

Next Article in News

Sign up to our newsletters

More in News

Brazilian president signs internet 'Bill of Rights' into law

Brazilian president signs internet 'Bill of Rights' into ...

President Dilma Rousseff signed the legislation on Wednesday at the NetMundial conference in Sao Paulo.

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. ...

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.

Report: DDoS up in Q4 2013, vulnerability scanners leveraged to exploit sites

Report: DDoS up in Q4 2013, vulnerability scanners ...

Researchers observed 346 DDoS attacks in the final quarter of 2013 and attackers used Vega and Skipfish vulnerability scanners to exploit web flaws at financial companies.