Attack targeted Sony Pictures Entertainment

Sony suffers another attack by hackers

Hackers have broken into Sony and posted the details of thousands of users online in the latest of a series of cyber attacks.

LulzSec, a group that has attacked other websites including those of US television channels PBS and Fox, claimed responsibility for the attack on Sony Pictures Entertainment websites.

The group claimed it had accessed the information of more than 1 million customers to show the vulnerability of Sony's systems.

"From a single injection, we accessed EVERYTHING," LulzSec said in a statement.

"Why do you put such faith in a company that allows itself to become open to these simple attacks?"

The hackers published the names, birth dates, addresses, emails, phone numbers and passwords of thousands of people who had entered contests promoted by Sony.

It is the latest cyber attack against high-profile companies including defence contractor Lockheed Martin and Google.

LulzSec's claims came as Sony executives were trying to reassure U.S. lawmakers at a hearing on data security in Washington about their efforts to safeguard the company's computer networks, which suffered the biggest security breach in history in April.

Sony has been under fire since hackers accessed personal information on 77 million PlayStation Network and Qriocity accounts, 90 per cent of which are users in North America or Europe.

Sony said at the time credit card information may have been stolen, sparking lawsuits and casting a shadow over its plans to combine content and hardware products via online services.

Sony had been widely criticised for waiting several days to notify customers of the breach, for which nobody has yet claimed responsibility. 

Sony later revealed hackers had stolen data from 25 million users of a separate system, its Sony Online Entertainment PC games network, in a breach discovered in May.

Sony said it was investigating the breach claimed by LulzSec and declined to elaborate.

The latest attack, unlike that on the PlayStation Network, was not on a revenue-generating website and was likely to have no impact on earnings, analysts said.

Cyber security is quickly rising up the agenda for global policymakers, with Australia announcing it will develop a cyber defence strategy and the United States confirming that hostile acts in cyberspace would be treated just like any other threat to the country.

The hacking attack on Lockheed may have compromised the safety of SecureID tokens made by EMC Corp , while that on Google targeted, among others, senior U.S. government officials' data.

"These allegations are very serious," U.S. Secretary of State Hillary Clinton said of the Google attack, which the search engine said appeared to have originated in China.

In the latest attack on Sony, the U.S. Federal Trade Commission could choose to review the circumstances leading up to the breach if Sony Pictures Entertainment failed to use proper procedures for protecting the data of its customers.

"The system was unsecure," said John Bumgarner, chief technology officer for the U.S. Cyber Consequences Unit, adding he was not surprised that Sony's systems had again been breached.

He had warned last month of a string of security vulnerabilities across Sony's networks that he had identified, including vulnerabilities in the Sony Pictures Entertainment network as recently as last weekend.

The first hacking attacks in April prompted Sony to shut down its PlayStation Network and other services for close to a month.

The PlayStation games network and Qriocity, a video and music service, are back online except for some operations in Japan, South Korea and Hong Kong.

LulzSec has claimed responsibility for several hacks over the past month, including defacing the PBS network's websites, and posting data stolen from its servers to protest a "Front Line" documentary about WikiLeaks.

It has also broken into a website and published data about contestants for upcoming Fox TV talent show X Factor.

The hacking group has also claimed responsibility for hacking into Sony BMG Music Entertainment Netherlands and Belgium, and Sony Music Japan.

Recent articles

Info Message

Our sites use cookies to support some functionality, and to collect anonymous user data.

Learn more about IET cookies and how to control them