Sony Pictures Online Hacked Using “Primitive and Common” Vulnerability, Data Unencrypted [News]
On Thursday evening, hacker group “LulzSec” announced via Twitter that they had gained access to SonyPictures.com and stolen over 1 million accounts, passwords and sensitive user information. Shortly after the news broke, copies of the compromised data surfaced on filesharing websites (such as MediaFire, where they were removed) and BitTorrent trackers including The Pirate Bay.
The group left a message on PasteBin revealing the full extent of the intrusion, which includes thousands of email and password combinations, personal information (including names, addresses, dates of birth and phone numbers), nearly 3.5 million “music coupons” and over 60,000 “music codes”. The group also announced that Sony’s security was overcome by a simple SQL injection attack.
In a statement, the group said: “SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?”

The group also stated: “Every bit of data we took wasn’t encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it’s just a matter of taking it. This is disgraceful and insecure: they were asking for it.”
The group has released much of the plundered data, though the released files contain only a small amount of the compromised data. Full databases have also been posted online, along with a database layout text document to aid the extraction of data. The database contains both military and government email and password combinations, as well as admin accounts for Sony Pictures Online.

The following excerpt was taken from the “FILE CONTENTS.txt” document that accompanies LulzSec’s limited release:
Contents of our plunder:
## Sony_Pictures_International_AUTOTRADER_USERS.txt ## – In this file you will find just under 12,500 customers of Sony; this includes dates of birth, addresses, emails, full names, passwords, user IDs, and personal phone numbers.
## Sony_Pictures_International_BEAUTY_USERS.txt ## – In this file you will find just under 21,000 customers of Sony; this is a simple email/password drop. Enjoy your account stealing.
## Sony_Pictures_International_COUPONS.txt ## – In this file you will find just under 20,000 Sony music coupons; please note that there are 3.5 million coupons to take – get ‘em.
## Sony_Pictures_International_DELBOCA_USERS.txt ## – In this file you will find just under 18,000 customers of Sony; this is a simple email/password drop. Again, enjoy your stealing.
## Sony_Pictures_International_MUSIC_CODES.txt ## – In this file you will find just under 67,000 Sony music codes; they’re like magnets, we simply have no idea how they work.
## Sony_Pictures_International_TABLE_LAYOUT.txt ## – In this file you will find the layout of the database; that means you can easily see where to steal things from.
Note that the database contains far more user information/coupons than we took. The point is that we had control of them; all of them. We leave the rest up to you – steal as much as you want, go forth!
ADDITIONAL OWNAGE:
## Sony_BMG_Music_Entertainment_NETHERLANDS ## – This file contains the user database of BMG Netherlands; it’s around 600 usernames, emails, and passwords. Enjoy.
## Sony_BMG_Music_Entertainment_BELGIUM ## – This file contains the Sony admin database of BMG Belgium; also lots of barcodes, release dates, and other juicy shit.
The group were also responsible for several other recent security breaches, including the defacement of the Public Broadcasting Service (PBS) website and Sony Music of Japan. Sony has acknowledged the claims and is said to be investigating.

Source: LulzSecurity.com / @LulzSec
Think you could do a better job of security? Angry with Sony for not protecting your information? Angry with the hackers for stealing it in the first place? Vent some steam in the comments below!
Fri, 03 Jun 2011 14:31:40 GMT