LulzSec Does It Again. Sony Pictures’ Website Hacked

The LulzSec group (LulzSecurity) has done it again. They have hacked into Sony Pictures’ website, gaining access to over 1 million user account information, including passwords and email addresses.

Lulzsec reported on their website,

We recently broke into SonyPictures.com and compromised over 1,000,000 users’ personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts. Among other things, we also compromised all admin details of Sony Pictures (including passwords) along with 75,000 “music codes” and 3.5 million “music coupons”.

Like the  SonyBMG hack (done by the same group), SonyPictures.com was hacked by performing a SQL injection.

Sony Pictures

It is surprising to know that all the data collected was unencrypted. The hackers state that, “every bit of data we took wasn’t encrypted. Sony stored  over 1,000,000 passwords of its customers in plaintext, which means it’s just  a matter of taking it. This is disgraceful and insecure: they were asking for it”

Rough times ahead for Sony as the LulzSec group stated that “this is the Beginning of the End for Sony”.  Possibly  Sony could face such more attacks in future.