In a major setback for Sony, Hackers have once again broken into the security of Sony Corp's computer networks, this time claiming to have stolen more than one million passwords, email addresses and other information. With this, they have shown that the company's systems still remain attack-prone, Reuters reported on Friday.
Earlier in April, hackers had broken into Sony's PlayStation networks stealing data from more than 100 million accounts, though nobody had claimed responsibility for that attack.
The group LulzSec, claiming the responsibility of the attack said on Thursday, it broke into the servers that run Sony Pictures Entertainment websites, and accessed the personal information of more than 1 million Sony customers. To underscore the point that the Japanese electronics giant is unable to keep intruders out of its network, LulzSec published the names, birthdates, addresses, emails, phone numbers and passwords of thousands of people who had entered contests promoted by Sony, said the report.
From a single injection, we accessed EVERYTHING, the hacking group said in a statement. Why do you put such faith in a company that allows itself to become open to these simple attacks?
A Sony spokesman said the company was looking into these claims but declined to elaborate. Reuters confirmed the authenticity of the data published about several of the sweepstakes entrants.
John Bumgarner, chief technology officer for the U.S. Cyber Consequences Unit, a nonprofit group that monitors web threats, was not surprised to learn that Sony's systems had again been breached. The system was unsecure, said Bumgarner, who last month warned of a string of security vulnerabilities across Sony's networks that he identified without special access to the electronics giant's computer systems. He also said that he found Sony Pictures Entertainment network attack-prone as recently as last weekend.
The attacks came on a day when Sony executives were hauled before a Congressional committee to testify on the April attack of its gaming networks. Representatives criticized Sony for waiting several days to notify customers of the breach.
The hacker group LulzSec said it had hacked into a database that included unencrypted passwords as well as names, addresses and birth dates of Sony's customers. The first hacking attacks in April, considered the biggest in Internet history, prompted the Japanese electronics giant to shut down its PlayStation Network and other services for close to a month.
LulzSec has claimed responsibility for several hacks over the past month. It said it defaced the PBS television network's websites, and posted data stolen from its servers Monday to protest a Front Line documentary about WikiLeaks. It has also broken into a Fox.com website and published data about contestants for the upcoming Fox TV talent show, X Factor.
LulzSec also said Thursday it had hacked into Sony BMG Music Entertainment Netherlands and Belgium. It previously disclosed an attack on Sony Music Japan, Reuters stated.