LulzSec Hacks; 1 Million Accounts Exposed

Just when it looks like Sony was finally recovering from the PlayStation Network hack, it happened again. This time, it wasn't PSN, but Sony Pictures: hackers may have compromised 1 million user accounts, stealing personal information including e-mail addresses and passwords, as well as street addresses, dates of birth, and more. On top of that, the hacker group posted a file containing information on 50,000 users.

Apparently the hack wasn't even that difficult for LulzSec to pull off: Gizmodo quotes LulzSec as saying, " was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING."

In addition, none of the passwords were encrypted; instead, they were stored in plain text.

Keep in mind that Sony Pictures is an entirely different division of the company from Sony Computer Entertainment, the Sony subsidiary responsible for the PlayStation 3 and hit with April's PlayStation Network hack. Still, it's another black eye for a company that hasn't exactly garnered a good reputation security-wise in recent weeks.

We'll have more on on this story as it develops, including tips on what you should do in case you fall victim to a data breach.

Shop ▾
arrow up Amazon Shop buttons are programmatically attached to all reviews, regardless of products' final review scores. Our parent company, IDG, receives advertisement revenue for shopping activity generated by the links. Because the buttons are attached programmatically, they should not be interpreted as editorial endorsements.

Subscribe to the Security Watch Newsletter