The group of hackers, known as Lulzsec, has claimed responsibility of a fresh hack of SonyPictures.com. The group has recently been in the news for hacking the PBS website and posting news that Tupac Shaker was alive and well. According to the group, gaining access to the site and over one million user accounts was alarmingly easy.
How they did it
The group reported their efforts on Pastebin, explaining “SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now, From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?”
What did they take?
According to their post, Lulzsec were able to access 1 million user accounts which included birth date, address, passwords and home addresses. They also took 3.5 million coupon codes and 75,000 music codes. The group invited readers to download a sample to take advantage ‘whilst they still can’.
What has Sony said?
Not a lot really, a spokesperson said they were looking into the matter. This is the latest in a long line of targeted hacks, the most disruptive being the one on the Playstation Network. The PSN remains down in some areas, not directly due to the hack but indirectly due to a reshuffle of infrastructure and tightening of security.
What lengths Sony will go to stop the hackers remains to be seen, we will you keep you posted.
via: Beta news