And just when you thought it was safe to go back online on Sony, and their online services such as the PlayStation Network, a group called LulzSec today has managed to hack SonyPictures.com, resulting in over 1 million accounts being compromised.
"Greetings folks. We’re LulzSecAs was revealed in PlayStation Network breach last month, SonyPictures.com hack exposed the fact that Sony once again was caught storing sensitive information, such as user account passwords, in plain text format without any encryption of sorts.
We recently broke into SonyPictures.com and compromised over 1,000,000 users’ personal information."
"What’s worse is that every bit of data we took wasn’t encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it’s just a matter of taking it. This is disgraceful and insecure: they were asking for it."Hacker group LulzSec claimed to have got full access to database via a very simple SQL injection, which included information such as: passwords, email addresses, date of birth and full home addresses of over 1 million user accounts registered on the Sony Pictures website. Apart from that, some 3.5 million music coupons and around 75,000 music codes are also said to have been taken over.
The pain for Sony doesn’t end here. Unlike last month’s PlayStation Network breach, LulzSec team has posted user data publicly online which includes over 39,000 email addresses and password combinations, home addresses, date of birth, admin details of Sony Pictures (including passwords) and other information.