A few days ago, a hacker group known as "LulzSec" claimed that they would launch a huge attack against Sony. It appears this group was true to their word as they have just released a large cache of data that was stolen from Sony Pictures and Sony BMG.
In what they are calling "Sownage", LulzSec claim that the whole hack was done via a very simple SQL injection, which gave them complete access to private data from over 1 million users. The data includes everything from email addresses and passwords to home addresses and dates of birth. Additionally, this data was apparently not encrypted and has since been uploaded to various file sharing websites and torrents.
Greetings folks. We're LulzSec, and welcome to Sownage. Enclosed you willfind various collections of data stolen from internal Sony networks and websites,all of which we accessed easily and without the need for outside support or money.We recently broke into SonyPictures.com and compromised over 1,000,000 users'personal information, including passwords, email addresses, home addresses,dates of birth, and all Sony opt-in data associated with their accounts.Among other things, we also compromised all admin details of Sony Pictures(including passwords) along with 75,000 "music codes" and 3.5 million "music coupons".
This is yet more bad news for Sony, who have been suffering numerous data breaches lately, the most notable of which being the PSN attack which occurred in April of this year. Not all of the one million customer details have been leaked online, however a considerable amount has been released. The details of the hack have also been released and at the time of writing, it is still open, meaning additional customer details could be taken at any time.
Contents of our plunder: ## Sony_Pictures_International_AUTOTRADER_USERS.txt ## -- In this file you will find just under 12,500 customers of Sony; this includes dates of birth, addresses, emails, full names, passwords, user IDs, and personal phone numbers. ## Sony_Pictures_International_BEAUTY_USERS.txt ## -- In this file you will find just under 21,000 customers of Sony; this is a simple email/password drop. Enjoy your account stealing. ## Sony_Pictures_International_COUPONS.txt ## -- In this file you will find just under 20,000 Sony music coupons; please note that there are 3.5 million coupons to take - get 'em. ## Sony_Pictures_International_DELBOCA_USERS.txt ## -- In this file you will find just under 18,000 customers of Sony; this is a simple email/password drop. Again, enjoy your stealing. ## Sony_Pictures_International_MUSIC_CODES.txt ## -- In this file you will find just under 67,000 Sony music codes; they're like magnets, we simply have no idea how they work. ## Sony_Pictures_International_TABLE_LAYOUT.txt ## -- In this file you will find the layout of the database; that means you can easily see where to steal things from. Note that the database contains far more user information/coupons than we took. The point is that we had control of them; all of them. We leave the rest up to you - steal as much as you want, go forth! ADDITIONAL OWNAGE: ## Sony_BMG_Music_Entertainment_NETHERLANDS ## -- This file contains the user database of BMG Netherlands; it's around 600 usernames, emails, and passwords. Enjoy. ## Sony_BMG_Music_Entertainment_BELGIUM ## -- This file contains the Sony admin database of BMG Belgium; also lots of barcodes, release dates, and other juicy ***.
If you have an account with any of Sony's Pictures of BMG websites, it is strongly advisable to change your password immediately, however note that Sony will likely take down the sites soon, much like they did when the PlayStation Network was compromised.
89 Comments - Add comment