Login | Signup

BREAKING: Sony Reportedly Hacked By LulzSec

Author:
Josh Clark
Category:
News
Tags:
Games news, Hacked, LulzSec, Sony

BREAKING: Sony Reportedly Hacked By LulzSec

Hacking group LulzSec claim to have successfully breached SonyPictures' defenses, nabbing over 1,000,000 unencrypted user passwords and posting a huge amount of data on infamous file-sharing site 'The Pirate Bay'.  We're not hugely surprised, to be honest. I mean it's not as if the group were exactly quiet about their plans!

The culprits are unabashedly open about their reasons, and methods for doing so, posting their vendetta online for all to see.

Our goal here is not to come across as master hackers, hence what we're about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks? What's worse is that every bit of data we took wasn't encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it's just a matter of taking it. This is disgraceful and insecure: they were asking for it.

Whilst 'they were asking for it' might not be an entirely justifiable defence for posting innocent user's personal details online, it is a bit worrying that Sony are having a bit of trouble getting their house in order. That said, we've only witnessed one side of things at the moment, with LulzSec blowing their own trumpet pretty hard, we might have to wait for the #Sownage hype dies down a bit before the full picture emerges.

No comment from Sony as yet. More on the story as we get it.

[BoingBoing]

Add a comment2 comments
Late  Jun. 21, 2011 at 13:40

Turns out the government take more of an interest in hackers when it's their own sites being disrupted.

http://www.bbc.co.uk/news/technology-13859868

Teenager arrested after DDoS attack on SOCA (Serious Organised Crime Agency)

Jonathan Lester  Jun. 21, 2011 at 13:45

Haha, yes, it's certainly a double standard... but it's probably appropriate considering that SOCA's database contains details about informants, undercover units and organised crime intel.

Email Address:

You don't need an account to comment. Just enter your email address. We'll keep it private.