Hackers claim another raid on Sony accounts

Kevin Rawlinson
Thursday 02 June 2011 19:00 EDT
Comments

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

It was supposed to be the day Sony clawed back some pride. Yesterday morning, the company announced that its PSN network was back online after the biggest hacking attack in history more than a month earlier.

Last night, though, the Japanese manufacturer was dealing with another disaster, after hackers claimed to have broken into its network yet again, saying they had stolen more than one million users' personal account details and posted them online.

The hackers claimed the data taken during the attacks on Sony and BMG included passwords, email addresses, home addresses, dates of birth and all Sony opt-in data associated with their accounts. A statement from the hackers read: "Among other things, we also compromised all admin details of Sony Pictures (including passwords) along with 75,000 'music codes' and 3.5m 'music coupons'."

The "hacktivist" group LulzSec claims to have carried out the attack – as well as recent ones on the PBS and Fox networks.

On its Twitter account, the group said it had also stolen "unencrypted admin accounts, government and military passwords saved in plaintext" [sic]. The alleged hacking is the latest in a series to be carried out on high profile companies and heaps more embarrassment on the highest profile of them all: Sony. In early May, The Independent reported rumours in the hacking community that the company was to be the target of another group of hacktivists.

And, later that month, Lulzsec – now famous for its defacing of the PBS website with a fake story about dead rapper Tupac Shakur still being alive – tweeted: "Working on another Sony operation... this is the beginning of the end for Sony."

Yesterday, before releasing the information it said it had stolen in an operation it has called "Sownage" (Sony ownage), it taunted the Japanese manufacturer, tweeting: "Hey [Sony], you know we're making off with a bunch of your internal stuff right now and you haven't even noticed? Slow and steady, guys."

A message from the hacktivists, posted last night on a site hosting the file, claimed that the stolen data within came from "internal Sony networks and websites, all of which we accessed easily and without the need for outside support or money".

It added that the affected sites were SonyPictures.com, the site for the company's film and television wing, and Sony-owned record label BMG. The hacktivists asserted that they had not released all of the information they had access to online "due to a lack of resource". They said they were unable to fully copy all of the information and released samples in a bid to prove their authenticity. That included around 39,000 email addresses and passwords, 12,500 more with home addresses, as well as dates of birth. Details of hundreds of BMG users were also released.

They added that SonyPictures.com was hacked by taking advantage of "one of the most primitive and common vulnerabilities". The statement said: "What's worse is that every bit of data we took wasn't encrypted.

"Sony stored over 1,000,000 passwords of its customers in plaintext, which means it's just a matter of taking it. This is disgraceful and insecure: they were asking for it."

A Sony spokesman could not be contacted last night but reportedly told technology blog thisismynext.com that the company was "looking into these claims".

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in