In a statement issued late Friday by Sony Pictures, the company confirmed it had been the victim of a cyberattack.
In the statement, chairman and chief executive officer of Sony Pictures Entertainment Michael Lynton, and co-chairman of Sony Pictures Entertainment Amy Pascal, said: “The cybercrime wave that has affected Sony companies and a number of government agencies, businesses and individuals in recent months has hit Sony Pictures as well.”
The statement continued: “Yesterday afternoon a group of criminal hackers known as “LulzSec” claimed to have breached some of our websites. We have confirmed that a breach has occurred and have taken action to protect against further intrusion. We also retained a respected team of experts to conduct the forensic analysis of the attack, which is ongoing. In addition, we have contacted the U.S. Federal Bureau of Investigation and are working with them to assist in the identification and apprehension of those responsible for this crime.”
It ends with, “We deeply regret and apologize for any inconvenience caused to consumers by this cybercrime.”
The statement comes in the wake of claims made on Thursday by a hacker group calling itself LulzSec. It said it had infiltrated the Sonypictures.com website and gained access to information such as e-mail addresses, passwords, home addresses and dates of birth from more than a million user accounts. On its website, LulzSec wrote: “…every bit of data we took wasn’t encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it’s just a matter of taking it. This is disgraceful and insecure: they were asking for it.”
Earlier this week, LulzSec claimed responsibility for infiltrating the PBS website and putting up a fake story reporting that rapper Tupac Shakur, who died in 1996, was actually “alive and well” and living in New Zealand. LulzSec said it hacked PBS’s website in retaliation for broadcasting a program that was critical of WikiLeaks.
As for Sony, the news of LulzSec’s latest antics comes in the same week that the electronics giant restored its PlayStation Network and Qriocity services, following a long period of downtime due to the massive security breach back in April. That breach, Sony said, will cost it somewhere in the region of $170 million. The company has now created a new position – Chief Information Security Officer – whose job it will be to ensure the protection of the personal details of users and improve customer support, among other things. One must assume that the person who took on this role is the busiest employee in the entire company just now.
- British Airways data hack hits 380,000 recent customers
- Attacker stole user data from Reddit through employee accounts
- In mobile cyberwar, attackers prefer to phish rather than send malware
- Hack affects 2 million T-Mobile customers, unclear if passwords included
- Uber agrees to pay $148 million for 2016 hack and cover-up