Sport & Auto
- About Future
- Digital Future
- Cookies Policy
- Terms & Conditions
- Investor Relations
- Contact Future
Have you heard the one about Sony getting hacked? Of course you have, only this time the cyber attack didn't target Sony's recently restored PlayStation Network (PSN). Instead, the hacker group known as "LulzSec" took aim at Sony Pictures and reportedly made off with personal information of more than 1 million users, as well as music codes and coupons. But hey, Sony was "asking for it," the hacker group said.
"Every bit of data we took wasn't encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it's just a matter of taking it. They were asking for it," LulzSec said in a statement.
"Our goal here isn't to come across as master hackers, hence what we're about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now," LulzSec continued. "From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?
LulzSec posted the personal information to its website, info that included passwords, email addresses, home addresses, birth dates, and all Sony opt-in data associated with user accounts. The group also says it viewed all admin details of Sony Pictures, including passwords, and compromised 75,000 "music codes" and 3.5 million "music coupons."
"We are looking into these claims," said Jim Kennedy, executive vice president of global communications for Sony Pictures Entertainment.