The hacker group titled “LulzSec” has come through with their promise to produce even more attacks on Sony. The group has hacked into subsidiary websites belonging to Sony, releasing over a million usernames and passwords.The report from The Washington Post claims that the group has more information, but that it can’t afford to fully copy all of the stolen info.
A release posted on LulzSec’s page stated the following:
Our goal here is not to come across as master hackers, hence what we’re about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?
It’s tough not to feel some kind of sympathy for a company that is having one of the worst years since its inception, and the worst may be yet to come. But by now, it’s becoming evermore clear that the company has to make severe changes to its security infrastructure, and fast. It’s one thing for a company to have problems, but when the security of the clients is put at risk, that is something completely different.