Skip to main content

Sony Ericsson Canada admits 2,000 customers affected by latest hack

Idahc - sony hackThis is becoming painful: After a handful of its international web properties were infiltrated, Sony admitted to an intrusion of its Canada e-shopping site, resulting in the loss of thousands of customer records. And now the plagued company can add Thailand’s Sony services users to its list of affected subscribers.

Yesterday morning we reported that Sony’s Japan music site had been hacked via an SQL injection, much like its Greece music site had been earlier this week. It has been confirmed that Sony Ericsson Canada had suffered the same fate at the hands of a “Lebanese grey-hat hacker” called Idahc. Unlike the previous attacks, Idahc was able to access Sony Canada’s online store and customer database and the company confirmed that some 2,000 account records have been compromised. “Sony Ericsson’s website in Canada, which advertises its products, has been hacked, affecting 2,000 people,” a Sony spokesperson told AFP.

Related Videos

According to Idahc’s Twitter, it’s a one-man operation and he was able to find an impressive amount of user information. Still, Sony continues to claim that while customer data was accessible, credit card information was not stolen: “The information includes registered names, email addresses, and encrypted passwords. But it does not include credit card information.” Idahc has also said he did not take advantage of this sensitive material – the motivation was exclusively to further embarrass Sony and its flailing state of security. He has, however, posted users’ names, account passwords, and e-mail addresses online.

Sony has also had to shut down services in Thailand as well. Bloomberg says the site experienced unauthorized intrusions and company spokesman Atsuo Omagari explains malicious code that could spam users via e-mail was found. Sony is investigating the suspicious activity.

If Sony is able to head off these advances and prevent further fallout for its Thailand site, it would be a first. Exposing holes in Sony’s security has become a game that hackers are winning – handily. To date, each incident has left Sony scrambling in its intruders dust, trying to clean up the damage only after its weak system protection has been exposed.

Editors' Recommendations

If you use PayPal, your personal data may have been compromised
A person holds a mobile phone with the PayPal app open.

PayPal has recently suffered a massive data breach, and if you were one of the affected users, your details may have been leaked. Given the nature of a PayPal account, the exposed data includes some of the most sensitive information, which could put those users at risk of identity theft.

The company is taking steps to protect the accounts from further damage. Here's what we know about what happened and how to protect yourself.

Read more
This critical macOS flaw may leave your Mac defenseless
A close-up of a MacBook illuminated under neon lights.

Apple’s macOS operating system has such a strong reputation for security that many people mistakenly believe Macs simply aren’t affected by malware. Well, Microsoft has served up a reminder that that’s not true, as the company has identified a serious vulnerability that affects one of macOS’s most important lines of defense.

According to Bleeping Computer, the bug was first reported by Jonathan Bar Or, Microsoft’s principal security researcher, who named the flaw Achilles. It is now tracked as CVE-2022-42821.

Read more
This free service just hit a huge website security milestone
global internet usage one zettabyte computer server room information cloud web net

One of the most important security features that protect your personal data as you browse and interact with various websites is enabled by a free service from a company called Let's Encrypt. As the name implies, this involves encrypting data to make it more difficult for your information to be intercepted in a readable form.
Website encryption is incredibly important on shopping websites since you usually need to fill out a form with your email address, shipping address, and phone number in order to get updates on the order status and receive the items you've ordered. Even more sensitive than your contact information and address, your payment information is needed to pay for that awesome, new tech, kitchen gadget, or toy.

In the early internet, encryption wasn't as common as it is today, and Let's Encrypt has played a huge role in making website security universal across the World Wide Web. Starting in 2015, Let's Encrypt took steps to ease the burden of encryption which came at a significant cost that was prohibitive for small businesses compared to the relative ease of creating a website today. Beyond the expense of ordering a Secure Sockets Layer certificate (SSL), which could cost hundreds of dollars each year, it wasn't easy to install this technology on a website. That meant most small websites were not encrypted.

Read more