November 22, 2024
Sony Hacked Again, 1 Million Passwords, 3.5 Million Music Coupons Compromised

Sony Hacked Again, 1 Million Passwords, 3.5 Million Music Coupons Compromised

Posted June 2, 2011 at 9:32pm by iClarified
A hacking group called LulzSec has announced yet another successful attack on Sony, this time breaching Sony Pictures and compromising 1 million passwords, 75,000 "music codes" and 3.5 million "music coupons".

Here's their statement on the attack:

---
Greetings folks. We're LulzSec, and welcome to Sownage. Enclosed you will
find various collections of data stolen from internal Sony networks and websites,
all of which we accessed easily and without the need for outside support or money.

We recently broke into SonyPictures.com and compromised over 1,000,000 users'
personal information, including passwords, email addresses, home addresses,
dates of birth, and all Sony opt-in data associated with their accounts.
Among other things, we also compromised all admin details of Sony Pictures
(including passwords) along with 75,000 "music codes" and 3.5 million "music coupons".

Due to a lack of resource on our part (The Lulz Boat needs additional funding!)
we were unable to fully copy all of this information, however we have samples
for you in our files to prove its authenticity. In theory we could have taken
every last bit of information, but it would have taken several more weeks.

Our goal here is not to come across as master hackers, hence what we're about
to reveal: SonyPictures.com was owned by a very simple SQL injection, one of
the most primitive and common vulnerabilities, as we should all know by now.
From a single injection, we accessed EVERYTHING. Why do you put such faith in
a company that allows itself to become open to these simple attacks?

What's worse is that every bit of data we took wasn't encrypted. Sony stored
over 1,000,000 passwords of its customers in plaintext, which means it's just
a matter of taking it. This is disgraceful and insecure: they were asking for it.

This is an embarrassment to Sony; the SQLi link is provided in our file contents,
and we invite anyone with the balls to check for themselves that what we say
is true. You may even want to plunder those 3.5 million coupons while you can.

Included in our collection are databases from Sony BMG Belgium & Netherlands.
These also contain varied assortments of Sony user and staffer information.

Follow our sexy asses on twitter to hear about our upcoming website. Ciao! ^_^
---


Sony has been the target of numerous hacker attacks since it decided to sue Geohot for non-malicious jailbreaking of the PlayStation. Its PlayStation network was taken down for over a month and is still struggling to get back up. The Los Angeles Times estimates that the PlayStation hack alone has cost Sony more than $172 million, nearly as much as the company incurred in damage from the earthquake and tsunami that struck Japan in March.

Read More [via chpwn]


Sony Hacked Again, 1 Million Passwords, 3.5 Million Music Coupons Compromised
Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
iClarified Icon
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
Comments (7)
You must login or register to add a comment...
Voice of Reason
Voice of Reason - June 3, 2011 at 1:27pm
So it's Sony's fault that a hacker ILLEGALLY obtained information and broke several Federal laws? So what if someone broke into your house when you were on vacation because you didn't have security windows thick enough to stop a hammer and that someone stole your personal information from your bills in the house and therefore your identity. You're going to then say, "Well it's my fault, I should've had better windows!" Anyway, for sake of argument, let's agree that it's Sony's fault that these hackers illegally hacked into their network. Well then why are the average Joe Blow consumers who were simply using the website supposed to suffer? As I said earlier, if they want to punish Sony for their negligence, fine; but there is NO NEED to punish innocent end users.
HarryKojak II
HarryKojak II - June 3, 2011 at 1:00pm
Donate to SONY
MK
MK - June 3, 2011 at 11:14am
As far as I know Sony has been informed about many of their vulnerabilities without them effectively investing in better security of their user's data. While I don't think publishing individuals data is the right way, I'm not sure if Sony would do anything to secure their users data just because someone tells them that there is an issue with their system.
James
James - June 3, 2011 at 11:56am
Coose, know what you're talking about first.. That is what they are doing, they'll sell the information. They did it with the PSN accounts and will do it here too. That is unacceptable. If they just broke in and then deleted the information then fine but they've crossed the line once and that is too much.
Voice of Reason
Voice of Reason - June 3, 2011 at 1:40pm
@madcow Agreed. I think you have a really good idea, if they wanted to punish Sony truly to point out Sony's weaknesses in network security, they should have deleted all the data. Yes, that would INCONVENIENCE the end-user, but would not harm them or lead to identity theft and credit hits. This would also get mass media attention when no one was able to login and the arrogant hackers could get their names on the blogs.
Daniel
Daniel - June 3, 2011 at 9:47am
Sweeeet
Jsjsjs
Jsjsjs - June 3, 2011 at 6:25am
Great news for society Good job fellas!!
Recent. Read the latest Apple News.
RECENT
Tutorials. Help is here.
TUTORIALS
Where to Download macOS Sequoia
Where to Download macOS Ventura
AppleTV Firmware Download Locations
Where To Download iPad Firmware Files From
Where To Download iPhone Firmware Files From
Deals. Save on Apple devices and accessories.
DEALS