Please support Game Informer. Print magazine subscriptions are less than $2 per issue


Hackers Release Usernames, Passwords Stolen From Sony Website

by Jeff Marchiafava on Jun 02, 2011 at 01:37 PM

The saga continues: Today a hacker group called LulzSec released a million usernames and passwords that it stole from subsidiary websites belonging to Sony.

The Washington Post is reporting that the login information belongs to customers in the U.S., Netherlands, and Belgium, which the group stole from Sony Entertainment and Sony BMG earlier this week. LulzSec has been mocking Sony on the group's Twitter page ever since the attack, marking their tweets with the hashtag #Sownage. LulzSec claims they had nothing to do with the PSN attack that caused Sony to pull the plug on its online gaming network. Instead, the hackers claim they are now attacking Sony to show how substandard the company's security is. LulzSec revealed the glaring deficiency in a statement:

“Our goal here is not to come across as master hackers, hence what we're about to reveal: was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?”

I am more than tired of writing stories on how hackers have compromised Sony's security, but by this point it seems pretty clear that the company has some serious problems with its infrastructure. Here's hoping Sony fixes things soon, and that its customers don't end up paying for the company's failures.