Sony's security woes continue as the company may have been hacked yet again.
A group of hackers, which call themselves Lulzsec, claim to have hacked into Sony's database and stolen collections of data. The data includes passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts.
On Lulzsec's official website, the company has posted multiple text files of what appear to be databases taken from Sony's server. Lulzsec claims it took information from SonyPictures.com and compromised over one million users' data. The hackers also accessed coupons, music codes and other data.
One database on Lulzsec's site, titled coupons, has a bunch of codes, which allegedly will give coupons to users of Sony's music service. Another database, titled 'Seinfeld Del Boca Vista database,' has what appears to be countless users and their passwords.
Another database has what appears to be Sony BMG Music Entertainment Belgium employee passwords and usernames. Lulzsec said it was fairly easy to hack into Sony's official servers and access the information. They said the data wasn't encrypted, it was in plain text.
Our goal here is not to come across as master hackers, hence what we're about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks? Lulzsec wrote.
This comes after Sony's infamous PSN debacle. The company's PlayStation Network, as well as its Music by Qriocity service, was both hacked and consumer data was stolen. It took Sony a month to restore the PSN and get the data secure. The company has just put up the PlayStation store.
UPDATE: Jim Kennedy, Executive Vice President of Global Communications for Sony Pictures Entertainment, said the company is looking into these claims.