June 2, 2011 09:47 pm EDT

Sony Pictures hacked by Lulz Security, 1,000,000 passwords claimed stolen

Oh, Sony -- not again. We've just received numerous tips that Lulz Security has broken into SonyPictures.com, where it claims to have stolen the personal information of over 1,000,000 users -- all stored (disgracefully) in plain text format. Lulz claims the heist was performed with a simple SQL injection -- just like we saw the last time around. A portion of the group's exploit is posted online in a RAR file, which contains over 50,000 email / password combos of unfortunate users. We've downloaded this file (at our own risk, mind you) and can verify these sensitive bits are now in the wild, though it remains unclear if what's published matches reality. In addition to user information, the group has blurted out over 20,000 Sony music coupons, and the admin database (including email addresses and passwords) for BMG Belgium employees. Fresh off the heels of the PlayStation Network restoration, we're guessing the fine folks in Sony's IT department are now surviving solely on adrenaline shots.

[Thanks to everyone that sent this in]

Sony Pictures hacked by Lulz Security, 1,000,000 passwords claimed stolen originally appeared on Engadget on Thu, 02 Jun 2011 17:47:00 EDT. Please see our terms for use of feeds.

Permalink | Lulz Security (1), (2) ||Comments

Original Link: http://www.engadget.com/2011/06/02/sony-pictures-hacked-by-lulz-security-1-000-000-passwords-claim/

View Full Article

Engadget

Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics. Engadget was launched in March of 2004 in partnership with the Weblogs, Inc. Network (WI

More About this Source Visit Engadget