Online

Hackers Spill Over 1,000,000 Sony Online Accounts

Sony getting its arse handed to it by hackers is becoming about as newsworthy as a netbook release, but this one is particularly brutal: Lulz Security just released a file containing over a million user logins. Home addresses included.

The Lulz crew says their gigantic dump includes:

Personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts. Among other things, we also compromised all admin details of Sony Pictures (including passwords) along with 75,000 “music codes” and 3.5 million “music coupons”.

Not stuff you want floating around on MediaFire (and not something we’re going to link to, out of respect for the privacy of that million plus).

So, why’d they do it this time? FOR THE LULZ? No. To teach a lesson, they say:

Our goal here is not to come across as master hackers, hence what we’re about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?

As much as this is a shit move on their part, they have a good point. Sony is clearly beyond the palest pale of ineptitude when it comes to keeping their house in order. Their server rooms have had a screen door on them for the past month. Get it the hell together.

Discuss

(7 Comments)
  • [–]

    DK Son

    Friday, June 3, 2011 at 9:41 AM

    I changed my password and my card and I think the address on my account is from my previous address.

    So hopefully, if I AM in that file, then I’m just some particle of matter floating around in it, unable to be found. 404, if you will.

    Reply
  • [–]

    Jon

    Friday, June 3, 2011 at 10:08 AM

    it’s time like this I’m glad I shafted the PS3 (mainly because of the controller design) and went for the 360 and Xbox LIVE. Hopefully that doesn’t hacked too!

    Reply
  • [–]

    Garrick

    Friday, June 3, 2011 at 10:43 AM

    They claim they arent trying to be “Master Hackers” and want to expose Sony’s security vulnerabilities, so why the hell did they take and distribute all those peoples information?

    They havent done anything wrong, they are just hurting and random people for no reason other than to enlarge their e-peen

    Why not try NOT being asshats about it and just leaving a file in there proving you go in. Same effect, less douchbaggery

    Reply
  • [–]

    Steve

    Friday, June 3, 2011 at 11:37 AM

    Dropping a file is easy – it shows you got in.

    Grabbing a file and distributing as proof is harder – but IT SHOWS YOU GOT THE DATA

    They’re not being asshats. They’re proving, without any level of spin, that they got in, Sony is fundamentally broken, and that any SonyNetwork user has just been handed their head in a bag.

    Dropping a file can be “managed” by PR spindoctors. Distributing the data can not.

    Reply
    • [–]

      HT

      Friday, June 3, 2011 at 3:04 PM

      Well i get what they are trying to do.

      But how is it fair for those poor innocent PSN users who have done nothing wrong.

      Reply
  • [–]

    dyl

    Friday, June 3, 2011 at 4:30 PM

    Ive barely been following this so forgive me if this is obvious or has been answered, but is this all revenge for Sony suing that dude or whatever?

    Reply
  • [–]

    feralfoo

    Saturday, June 4, 2011 at 3:06 PM

    Idiots, punish the users to punish Sony? You have gone from white hat to black hat, and not far off from terrorists…minus the killing of course…

    Reply

Join The Discussion

Subscribe Contact