Update 3 June:
Hackers have claimed to have compromised more than one million passwords, email addresses and other information from SonyPictures.com in the latest cyberattack on the Japanese electronics giant.
“We recently broke into SonyPictures.com and compromised over 1,000,000 users’ personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts,” Lulz Security said.
No ad to show here.
“Due to a lack of resources on our part we were unable to fully copy all of this information,” the group said. “In theory we could have taken every last bit of information, but it would have taken several more weeks.”
To “prove its authenticity,” the group posted lists of thousands of stolen Gmail, Hotmail, AOL, Yahoo and other email addresses and passwords on Pastebin where they were publicly accessible.
Sony, whose online services have been targeted by a series of cyberattacks over the past few weeks, said it was investigating the latest alleged breach.
“We are looking into these claims,” Sony Pictures Entertainment executive vice president Jim Kennedy said in a statement to AFP.
SonyPictures.com features movie trailers and information about films and television shows and also allows users who sign up to receive email updates.
Lulz Security, the group which claimed the attack on SonyPictures.com, said the data theft exploited one of the most “primitive and common vulnerabilities.”
“Why do you put such faith in a company that allows itself to become open to these simple attacks?” Lulz Security said.
“What’s worse is that every bit of data we took wasn’t encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it’s just a matter of taking it,” the group said. “This is disgraceful and insecure: they were asking for it.”
Update on Gearburn’s breaking news yesterday. The hacker group Lulz Boat has claimed to have stolen more than one million passwords, email addresses and other information from SonyPictures.com in the latest cyberattack on the Japanese electronics giant.
The claim was made by a group of hackers calling themselves “Lulz Security” on their Twitter feed @LulzSec.
“We recently broke into SonyPictures.com and compromised over 1,000,000 users’ personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts,” they said.
Initially it appeared that LuzSec was targeting Sony Music from their tweets – now attacking Sony Pictures opens a new front on beleagured Sony, whose online activities have come under a series of cyberattacks in recent weeks. The company had no immediate comment about the latest alleged breach.
-AFP