LulzSec Hacks SonyPictures.com and Extracts 1 Million Users Info
>By Christopher Weaver
After today’s relaunch of all Sony services, SonyPictures.com was hacked using a SQL Injection attack by hacker group LulzSec. This group is responsible for the PBS hack that occurred earlier this week. The group feels as if their hack was primitive and had this to say about the matter.
Our goal here is not to come across as master hackers, hence what we’re about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now.
From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?
LulzSec was able to obtain the personal information of 1 million users including: passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts. This group claims that the passwords were stored in plain text, which is disappointing since this was a similar issue with the PSN.
The information stolen has been posted on the Pirate Bay here, and after looking through tweets, and comments among blogs, its easy to see that people find this humorous. Not only are they laughing, but since this file is a downloadable torrent people are downloading it and publicly disclosing that they have done so.
Be weary of your personal information, and if you fear that it has been compromised change your passwords immediately.