Lulz Sec hacks Sony Pictures website, 1 million passwords accessed

It seems that for every step Sony takes forward, someone is right there ready to push the company back a few. Case in point: a hacker group called Lulz Sec, which made a name for itself on Monday after publishing a fake story to PBS' news site and leaking emails and passwords, stated it had a new operation in mind for the company. On Thursday night the group made good with the threat.

Lulz Sec temporarily took down SonyPictures.com, accessed 1 million user's personal information and found over 3 million downloadable coupons according to a posting by the group.

ADVERTISEMENT

The group admitted it isn't comprised of "master hackers" and was able to launch what it's dubbed "Sownage" with a "very simple SQL injection."

"From a single injection, we accessed EVERYTHING," stated the group, asking readers, "Why do you put such faith in a company that allows itself to become open to these simple attacks?"

ADVERTISEMENT

For those living under a rock since April, Sony has been the focal point of a series of hacks across myriad sites and services - the largest and most crippling being a cyber attack on its PlayStation Network, which caused the company to shut it down completely for weeks in some regions and over a month in others. The service was only just fully restored in North America and Europe thanks to the reopening of its store this week.

The attack compromised the personal information of an estimated 77 million people, and could cost the company nearly 14 billion yen.

Several additional attacks on Sony have lacked the damage potential, but certainly haven't done Sony any favors. In the span of a week, sites associated with Sony BMG Greece, Sony BMG Japan, and So-net, a Japanese ISP owned by Sony, were all illegally accessed by outside parties.

ADVERTISEMENT

Lulz Sec said a lack of resources was the only thing that prevented group members from copying every scrap of info, which was reportedly unencrypted: "Sony stored over 1,000,000 passwords of its customers in plaintext, which means it's just a matter of taking it."

In unrelated news, the hackers declared on Twitter that today is "F*ck FBI Friday," promising it will "cook up something nice for tonight."

Ironically, the group's own website is unavailable as of the publication of this article. An attempt to visit it yields an error message that declares, "This Account may have reached its limit, is suspended or this domain no longer exists."

Something tells us Anonymous may have some competition. (Via PCMag)

No posts to display