Skip to main content

Poor old Sony hacked again

Sony might now think twice before it miffs the online community once again. It might not, mind you. Corporations are more important than people these days, so the likely result of the hacking we've seen in recent months will be more online regulation, scaremongering and bombing raids.

Whatever the result, the latest attacks on Sony have penetrated databases attached to, and and were apparently conducted by LulzSec, the outfit that first came to prominence this week when it attacked the servers of the US Public Broadcasting System's servers.

In this latest attack, LulzSec claims to have got hold of more than a million passwords, a sample of which it posted on the net. In a statement on its Bahamian-registered web site the outfit said: "Every bit of data we took wasn't encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it's just a matter of taking it."

"They were asking for it," the 'pretentious press statement' reads.

The latest hack was performed using SQL injection, suggesting the servers in question were rather security light. If Sony indeed stored the data in plain text, it's difficult not to agree with the hackers' suggestion that the firm was 'asking for it'. It appears that some of the account data that was exposed included phone numbers, names and addresses. Some of these have been independently verified.

Sony said it its looking into the matter.