These days it just wouldn’t seem like a normal day without reporting on how hackers managed to bypass Sony’s security. Yesterday we told you about the break-in into the Sony BMG Greece website which was preceeded by a hack into So-net. Before that, a PSN password reset exploit was discovered after the PlayStation Network returned following a nearly four week hiatus. The latest attack occurred on the Sony Music Japan website. Just like the last attack, this hack was made possible by a SQL injection tool.
According to The Hacker News, the group responsible for this is known as Lulz Security. The hackers dumped their findings onto pastebin.com (just like the other hacker did). On its Twitter account, Lulz Security has been openly celebrating its work.
“You guys wanna see something funny? #Anonymous will like this one, gather round, gather round… #operationpayback,” read one Tweet.
In the files uploaded to pastebin.com, LulzSec wrote,”This isn’t a 1337 h4x0r, we just want to embarrass Sony some more. Can this be hack number 8? 7 and a half?!”
LulzSec also wrote that there are a couple other vulnerable databases on the website, but didn’t say what information they contained.
Unlike the last data dump, there doesn’t appear to be any leaked customer information such as names, passwords and email addresses. Naked Security, a security blog, stated that Lulz Security has hacked sites before, but doesn’t use information it gathers for financial gain.