This time it’s the Sony Pictures internal database that has taken the fancy of hackers, if their claims are to be believed. The culprits call themselves LulzSec, and they say they have stolen personal information of 52,000 Sony customers after breaking into the website.
It was not very long ago that Sony was at the centre of a hacking scandal at the PlayStation Network, which caused the system to go offline for over a month back in April. Sony said it had strengthened its security systems after the attack, but if the latest claims from the hackers are true, there is still work to be done.
Hacking group LulzSec explained in a statement distributed on the internet how it used a technique called SQL injection to break into Sony. Using this method, a hacker would enter commands that cause a database to produce its contents. The hackers said they had gained access to a database that contained unencrypted personal information belonging to more than one million customers: “Sony stored over 1,000,000 passwords of its customers in plain text, which means it’s just a matter of taking it. This is disgraceful and insecure: they were asking for it.”
A Sony Pictures Entertainment spokesman, told The New York Times the company is “looking into these claims.”