lulz-security
Latest
Before disbanding, LulzSec releases Battlefield Heroes data
The sextet of hackers known as "Lulz Security" may be done with their 50-day reign of semi-terror, but that doesn't mean the ramifications of their actions are over. In a final file released alongside yesterday's statement, the group released info from approximately 550,000 Battlefield Heroes beta user accounts (according to Rock, Paper, Shotgun) as well as the info from roughly 50,000 "random gaming forum" users. EA tells Eurogamer that the info was from "an early beta version" of the game, and "no emails, account history, credit card numbers or payment methods" were obtained. Apparently the breach took down BF Heroes servers over the weekend, though EA also explained that it has recovered the free-to-play FPS to operational status. And though it's possible that some of the group's handiwork has yet to be discovered, we're hopeful that this is the last story of a breach we'll be writing after the hacking group's disbandment.
Sony Pictures breach affects 37,500 users, far less than Lulz Security claimed
Well, Lulz Sec may have overstated its level of success by declaring it had stolen 1,000,000 passwords from Sony Pictures -- turns out the number is closer to 37,500. Now granted, any breach of user data is unacceptable, but when a hacker collective's haul is less than four percent of what it claimed, everyone can breathe a little easier. The troublemakers may have made off with email addresses, phone numbers, and passwords, but Sony says no credit card or social security numbers were compromised. The company issued a statement, which you'll find after the break, and is working with the FBI to track down those responsible. Hopefully this finally closes the door on Sony's security woes, and we can go back to bringing you stories about Angry Birds ports and Kinect hacks.
Sony Pictures hacked by Lulz Security, 1,000,000 passwords claimed stolen (update)
Oh, Sony -- not again. We've just received numerous tips that Lulz Security has broken into SonyPictures.com, where it claims to have stolen the personal information of over 1,000,000 users -- all stored (disgracefully) in plain text format. Lulz claims the heist was performed with a simple SQL injection -- just like we saw the last time around. A portion of the group's exploit is posted online in a RAR file, which contains over 50,000 email / password combos of unfortunate users. We've downloaded this file (at our own risk, mind you) and can verify these sensitive bits are now in the wild, though it remains unclear if what's published matches reality. In addition to user information, the group has blurted out over 20,000 Sony music coupons, and the admin database (including email addresses and passwords) for BMG Belgium employees. Fresh off the heels of the PlayStation Network restoration, we're guessing the fine folks in Sony's IT department are now surviving solely on adrenaline shots. Update: Sony Pictures has confirmed to Reuters that some of its websites have been hacked, and says that it's currently working with the FBI to identify the perpetrators. [Thanks to everyone that sent this in]
