Snappy newsletters. Simple Facebook sharing. Spirited comments. Sweet features are waiting… GET THEM NOW!

Hackers: We've Stolen 1M Sony Passwords

LulzSec claims to have raided Sony Pictures servers

By Rob Quinn, Newser Staff

Posted Jun 2, 2011 9:55 PM CDT | Updated Jun 3, 2011 7:57 AM CDT

(Newser) – Sony appears to have been hit by the second massive data breach in the space of a few months. A hacker group calling itself "Lulz Security" claims to have broken into servers that run SonyPictures.com and stolen the passwords, email addresses, and other personal data of a million Sony customers, reports the BBC. Customer information posted on the group's website appears to be at least partly genuine, according to the AP, which has contacted several of the customers involved.

"From a single injection, we accessed EVERYTHING," LulzSec said in a statement. "Why do you put such faith in a company that allows itself to become open to these simple attacks? What's worse is that every bit of data we took wasn't encrypted. Sony stored over 1,000,000 passwords of its customers in plain text, which means it's just a matter of taking it. This is disgraceful and insecure: they were asking for it." The group has also claimed responsibility for hacking PBS and posting a fake story about Tupac Shakur still being alive.

[Images (1)]

[Quotes (1)]

Men pass in front of a huge monitor displaying the "SONY" logo at the Sony building in Tokyo. (AP Photo/Katsumi Kasahara, File)

« Prev« Prev | Next »Next » Slideshow

Sony stored over 1,000,000 passwords of its customers in plain text, which means it's just a matter of taking it. This is disgraceful and insecure: they were asking for it.
- Statement from LulzSec

« Prev« Prev | Next »Next » Slideshow

CLICK BELOW TO VOTE

43%

10%

13%

21%

To report an error on this story, notify our editors.

OTHER STORIES ON OUR RADAR

Getty Images

Man Goes to Hospital For Kidney Stone...Leaves a Woman (Huff Post)

Is Chase Crawford Dating a Cougar? (Bleacher Report)

My Boss Walked in on Me Touching Myself, Now He Won't Stop Flirting (Slate)

7 Gross Celebrity Items Sold at Auction (The Week)

The Lowest-Rated Show on TV Is Actually Awesome (Slate)

Partner Links

Sponsor Links

A snapshot of the day's best news stories.

View Larger Grid

All Today Yesterday Pick a Date

COMMENTS

Read the comment policy

Showing 3 of 8 comments

Randall Krause

Jun 3, 2011 8:33 PM CDT

I never use SQL to store passwords. Everything authentication is stored encrypted in plain text files using high level file I/O and comprehensive parameter checking. Never once had any of my sites hacked in over 10 years.

embersyc

Jun 3, 2011 11:04 AM CDT

The point is they hacked the site with SQL injection. If somebody is storing your information in such a non-secure manner it needs to be exposed. They could have taken the info and said nothing, instead they exposed that Sony knows absolutely jackshit about internet security. The very first thing you learn when learning to program for the internet is to prevent SQL injection and always escape any information that is entered into one of your forms. Its like Sony hired somebody's highschool nephew to program the site, because he can totally build websites.

Dr.Gonzo

Jun 3, 2011 10:32 AM CDT

Fucking revenge of the nerds. Leave those kids alone. Can't have your meat iff you don't eat your pudding. Why are the criminals acting like they are the good guys?

What's Popular Now on Facebook

Japanese Artist Serves Up Own Cooked Genitals

Rape Conviction Cleared, Thanks to Facebook

BBC (Source Grid »)
Associated Press (Source Grid »)

Technology • Money

Sony • data theft • hackers • LulzSec • Sony Pictures

More Newser Stories

LulzSec Suspect Nabbed for Sony Pictures Hack

Cody Kretsinger broke into studio computers, posted user data online: feds

(NEWSER) - An alleged LulzSec member was arrested yesterday in Arizona in connection with the major hacking of Sony Pictures Entertainment earlier this year . Cody Kretsinger, 23, has been charged with conspiracy as well as the unauthorized impairment of a protected computer, Reuters reports. Kretsinger and others used a common hack called an “SQL injection” to reap data from the movie studio’s computers, a federal indictment claims. More»

Hackers Hit Sony Again

LulzSec claims new cyberattack

(NEWSER) - According to hacker group Lulz Security or LulzSec, the current score is "hackers 16, Sony 0." That's what the group posted yesterday after claiming to have staged the 16th recent cyberattack on the electronics company. LulzSec posted a file containing Sony Computer Entertainment Developer Network source code, as well as a link to what it claims are internal network maps of Sony BMG, AFP reports. Sony has been a target ever since suing a software programmer whose program allowed customers to alter PlayStation consoles, the Wall Street Journal notes. More»

LulzSec Leader Was Really, Really Eager to Help FBI

'Sabu' readily joined feds, pulled all- nighters for them

(NEWSER) - LulzSec leader Sabu didn't need to be asked twice to partner with the FBI. When the feds arrested him last June, Hector Xavier Monsegur immediately agreed to work for them, court papers show. He pulled all-nighters to help the government track down fellow top members of hacking groups LulzSec and Anonymous . "Since literally the day he was arrested, the defendant has been cooperating with the government proactively," a US attorney told a Manhattan federal court. More»

LulzSec Hackers Nabbed, Thanks to Own Leader

Hector Xavier Monsegur turned witness after the FBI got him

(NEWSER) - In a twist that sounds custom-made for the movies, agents in the US and UK arrested three LulzSec hackers this morning—thanks to information dished out by their very own leader. Fox News reports that Hector Xavier Monsegur, aka Sabu, turned FBI witness in June after the bureau tracked him to a NYC public housing project. "They caught him and he was secretly arrested and now works for the FBI," says a source, and that fact will apparently be backed up today, when court documents related to his Aug. 15 guilty plea are released. More»

Police Say They Nabbed LulzSec's Kayla

It turns out she's actually two men, not a teen girl

(NEWSER) - British police think they’ve taken down the senior LulzSec/Anonymous hacker known as “Kayla”—and if they’re right, she’s actually a pair of men in their 20s, not the 16-year-old girl she’s always claimed to be. Police arrested two men yesterday, aged 20 and 24 respectively, accusing them of conspiring to commit computer misuse under the Kayla moniker, the Telegraph reports, noting that Kayla’s Twitter feed has been inactive since yesterday. More»

NEWS FROM OUR PARTNERS

What is Newser?

Face it: there's too much news. At Newser, we choose the most thought-provoking and entertaining stories from hundreds of US and international sources and reduce them to a headline, picture, and two paragraphs. And we do it 24/7—you can come back morning, noon, night (and in between) for something new that matters. Read less, know more.

Learn more »

Partnering with: Slate

View Newser on the mobile website

Hackers: We've Stolen 1M Sony Passwords

LulzSec claims to have raided Sony Pictures servers

[Images (1)]

[Quotes (1)]

OTHER STORIES ON OUR RADAR

Sony • data theft • hackers • LulzSec • Sony Pictures

MOST POPULAR STORIES

[ By Views ]

[ By Comments ]

More Newser Stories

LulzSec Suspect Nabbed for Sony Pictures Hack

Cody Kretsinger broke into studio computers, posted user data online: feds

Hackers Hit Sony Again

LulzSec claims new cyberattack

LulzSec Leader Was Really, Really Eager to Help FBI

'Sabu' readily joined feds, pulled all- nighters for them

LulzSec Hackers Nabbed, Thanks to Own Leader

Hector Xavier Monsegur turned witness after the FBI got him

Police Say They Nabbed LulzSec's Kayla

It turns out she's actually two men, not a teen girl

About Us

Site

Community

Site Maps

Tools

More News

What is Newser?