Sony hacked again, 1 million user accounts compromised
The same group that was responsible for hacking into PBS' site recently to post fake news claiming Tupac Shakur was alive has set its sights on Sony. Lulz Boat said it had broke into the SonyPictures.com website and compromised the personal information of one million users.
Among the information is name, password, e-mail address, date of birth, and home address. Any other information the user opted to share with Sony is also in the hands of these hackers as well. The hackers were only able to download data on 150,000 of those users, but walked away with admin details and 3.5 million music coupons and 75,000 music codes, it said.
For Sony, it's only the latest in a series of at least a dozen hacks to various properties over the past two months. The most serious obviously was the hack that took down the PlayStation Network, but smaller hacks have occurred to other Sony properties, including Sony Online Entertainment and Sony Ericsson Canada.
What may be most embarrassing for Sony is again the company has been revealed to have done a poor job with securing data. The hackers said that passwords were stored without any encryption at all -- in plain text -- making it even easier for them to break into compromised accounts with little trouble.
"SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now," the group said in a post to PasteBin. "From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?"
This latest hack again brings into question the issue of leadership at the top. While people have been quick to blame Sony's IT department, the company's top executives could equally be as much to blame for not ensuring their network is secure. CEO Sir Howard Stringer is one of those, who seems agitated when talking about the company's response to the issue.
"[He] seems to be agitated by questions about Sony's sluggish response. He would be well-served by simply absorbing the criticism and articulating the concern Sony had for its system and accounts," Jason Maloni said at the time, who is senior vice president at crisis management firm Levick.