Hacker group LulzSec, responsible for the PBS hack earlier this week, promised it would soon strike Sony. Today, the hackers delivered. LulzSec claims to have infiltrated Sonypictures.com and accessed its user database. “We recently broke into Sonypicture.com and compromised over 1,000,000 users’ accounts, personal information, including passwords, e-mail addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts,” the group says.
LulzSec also defends its purposes, saying it simply wants to reveal Sony’s lack of care with such sensitive information. According to the statement, the hackers used an SQL injection to compromise the site. “Why do you put such faith in a company that allows itself to become open to these simple attacks?” they ask, saying that the data also wasn’t encrypted.
LulzSec is calling its anti-Sony campaign “Sownage” and broadcasting its developments on its Twitter page. The hackers made the stolen data available but the site containing the information was taken down. Meanwhile, Sonypictures.com is still up and running. In its statement, LulzSec also made a plea for donations – one that is apparently being well received, as it’s apparently been gifted $40 over the last few hours. That might seem like a meager sum, but give it time.
Sony was finally able to restore its PSN services today after over a month of darkness. Unfortunately, this new development once again draws attention to what appears to be a continuously failing security system. User trust has been shaken, and hackers are beginning to make a game out of breaking into various Sony web properties. Sony has not made a comment on the state of Sonypictures.com, but if as much user data has been lost, we expect it will have to very soon. Hopefully, the company has learned from its past mistakes with the PlayStation incident and will inform account holders in a more timely manner.