The LulzSec group (LulzSecurity) has done it again. They have hacked into Sony Pictures’ website, gaining access to over 1 million user account information, including passwords and email addresses.ï»¿
Lulzsec reported on their website,
We recently broke into SonyPictures.com and compromised over 1,000,000 users’ personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts. Among other things, we also compromised all admin details of Sony Pictures (including passwords) along with 75,000 “music codes” and 3.5 million “music coupons”.
Like the SonyBMG hack (done by the same group), SonyPictures.com was hacked by performing a SQL injection.
It is surprising to know that all the data collected was unencrypted. The hackers state that, “every bit of data we took wasn’t encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it’s just a matter of taking it. This is disgraceful and insecure: they were asking for it”
Rough times ahead for Sony as the LulzSec group stated that “this is the Beginning of the End for Sony”. Possibly Sony could face such more attacks in future.