
Once again, hackers have attacked a Sony digital property, SonyMusic.gr, and exposed private user data.

Sony's nightmare continues this week, with news out today that hackers infiltrated Sony BMG Greece on May 5 and stole users' personal data, some of which was then posted online this weekend.

News of the hack comes via Hacker News, which reports that an anonymous user, who goes by the name b4d_vipera, uploaded a database of user information to pastebin.com. The database includes the names and email addresses of people registered to the SonyMusic.gr website.

According to Naked Security's Chester Wisniewski, the hackers appear to have used an SQL injection tool to discover the flaw in Sony's security. This type of hack is "not something that requires a particularly skillful attacker," writes Wisniewski, "but simply the diligence to comb through Sony website after website until a security flaw is found."

Sony has become the target of choice for hackers, who hope to expose the company's security flaws. On Friday, security researchers discovered a phishing attack site stored on Sony's server, which was accessible through one of Sony's Thailand websites. And only days before that, Sony was forced to shut down a number of its websites, including the password reset page for its crippled PlayStation Network.

All of this, of course, was preceded by two attacks on Sony's PSN and Qriocity services, which resulted in a complete shutdown of the network, the theft of nearly 13 million credit cards, and the jeopardization of personal data of approximately 100 million users around the world.

Sony’s battle with hackers is likely far from over. As Wisniewski points out: “As long as it is popular within the hacker community to expose Sony’s flaws, we are likely to continue seeing successful attacks against them.”

Users of SonyMusic.gr should reset their passwords as soon as possible. And, if you’re planning on joining a Sony service anytime soon, you might want to wait a little while, until this whole thing blows over.

Showing 2 comments

  1. Andrew Couts at 10:22am 23rd May 2011 Thanks for the catch! The typo has been corrected.
    1. somenab at 7:59am 24th May 2011 pls be aware that all the scripts advertised as "free" on the website promoted above and advertised on this site (thehackernews.com) are backdoored, and admins remove any such comments from their own site to continue infecting their own users. most script files are encrypted with ioncube, however they used a stupid way to hide an email-sending function in one of the plain-text files sending serverdata (and would guess all exploited userdata as well) to c00lhell@hotmail.com -- what is encoded in the ioncube files are just to guess... just check out for example "Unknown Exploit Kit (Crimeware) leaked" and look in "files/27" (contains php code), search for "mail".. any network these ppls scripts have been run in should be considered compromised. malicious site. malicious admins. be aware and take precautions before use..