Sponsored Links

Sony Pictures hacked by Lulz Security, 1,000,000 passwords claimed stolen (update)

Sony Pictures hacked by Lulz Security, 1,000,000 passwords claimed stolen (update)
Zachary Lutz
Zachary Lutz|June 2, 2011 5:47 PM
Oh, Sony -- not again. We've just received numerous tips that Lulz Security has broken into SonyPictures.com, where it claims to have stolen the personal information of over 1,000,000 users -- all stored (disgracefully) in plain text format. Lulz claims the heist was performed with a simple SQL injection -- just like we saw the last time around. A portion of the group's exploit is posted online in a RAR file, which contains over 50,000 email / password combos of unfortunate users. We've downloaded this file (at our own risk, mind you) and can verify these sensitive bits are now in the wild, though it remains unclear if what's published matches reality. In addition to user information, the group has blurted out over 20,000 Sony music coupons, and the admin database (including email addresses and passwords) for BMG Belgium employees. Fresh off the heels of the PlayStation Network restoration, we're guessing the fine folks in Sony's IT department are now surviving solely on adrenaline shots.

Update: Sony Pictures has confirmed to Reuters that some of its websites have been hacked, and says that it's currently working with the FBI to identify the perpetrators.

[Thanks to everyone that sent this in]
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.