Sony hacked again, hacker group known as LulzSec claim responsibility, 1 million accounts compromised
The on-going cyber war between the Sony Corporation and the hacker community continued with the latest breach of the company’s website: Sonypictures.com.
LulzSec is the group of hackers that have claimed responsibility for the attack and claim to have compromised the data of over a million accounts both on the website itself as well as websites associated with Sony Pictures.
The attack comes barely a few weeks after Sony’s restoration of the PlayStation Network service after managing to get the service fully operational after the various ‘phases’ in the process were completed.
According to reports, LulzSec not only stole user data but also managed to get their hands on 3.5 million coupons and an approximated 75,000 music codes as well. The attacks seem part of the hacking group’s Sownage campaign that has terrorized Sony and other
corporate websites in recent weeks.
The latest attack however, did not go without warning as the group warned Sony that they would bring the company down to their knees, via a tweet from the group's twitter account a few days earlier.
LulzSec did however, concede the fact that although they had full access to all the data on the Sony pictures and its associated websites, the hackers did not have the resources to store all the data.
Yet they did confirm that thousand of usernames were stolen for the database that they did manage to gain access to.
Some sort of consolation for Sony comes in the fact that the data hackers stole isn't as potentially dangerous as the data stolen in the attack on its PlayStation Network, as no credit card data was stolen.
However, on the other hand, the personal and online account details such as email addresses and passwords could potentially lead to future hacks of the websites users.
LulzSec seemed to be in boastful mood as they even shared the methods with which they breach security measures at the website claiming they used a basic technique known as a SQL injection.
The latest breach also exposed another major weakness in Sony’s online security as LulzSec explained that the data was not encrypted. “Sony stored over 1,000,000 passwords of its customers in plaintext which means it’s just a matter of taking it.”
The attacks have exposed how easy it is for hackers to access user information stored on the web and left Sony reeling as another part of its corporation has been breached.
When the PlayStation Network was hacked in mid April, over a 100 million users' personal and credit card was compromised and customers expected security to be bolstered.
However, that does not seem to be the case as the latest attacks show just how easy it was for an outside party to infiltrate the multinational company’s databases.
Sony were already due for a Congressional hearing in the United States for their online security measures and the latest attacks will do little to assure the sub-committee of their competence.
Tags: