Pity Sony’s game developers. Not to mention its PR department. It’s just days before E3, the company’s ready to show off its new NGP handheld and a host of games for PlayStation. But the news today is all about — wait for it — the company being hacked again.
This time, it’s SonyPictures.com that was the target. A group calling itself LulzSec claims it broke in and stole more than 1 million account records, including passwords, home addresses, birthdates and e-mails. LulzSec — which went so far as to issue a press release — also says it compromised admin details, including passwords. To prove it, it posted information on 50,000 users.
The point seems to be that the group thinks Sony’s security is “disgraceful.” From LulzSec’s release:
Our goal here is not to come across as master hackers, hence what we’re about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING.
Sony says it’s aware of the claims and it’s looking into the claims.
LulzSec is the same group that claimed to post a fake story on PBS’s website. For the last two days it’s been Tweeting taunting Sony. In other words, it looks like Sony had warning, and that’s not going to make users of any of its sites very happy.