A hacker group has claimed it has attacked the Sony network and stolen more than one million passwords, email addresses and other information.
In April, hackers broke into Sony’s PlayStation Network and stole data from more than 77 million accounts. That attack was considered the biggest in internet history and led to Sony shutting down the PlayStation Network and other services for almost a month.
The company has estimated the data breach will result in a $170m (£104m) hit to its operating profit.
Since then, Sony’s networks have become targets for hackers and the company has confirmed at least four other break-ins prior to the claimed attack on Sony Pictures.
Lulz Security claims to be behind one of those attacks: an assault on Sony Music Japan.
The latest alleged attack will come as a blow to the Japanese firm, 24 hours after it announced the PlayStation Network would be fully restored in the US and Europe, and said it had beefed up its security systems.
‘Asking for it’
In a statement on Thursday, Lulz Security said it had hacked into a database that included unencrypted passwords as well as names, addresses and dates of birth of Sony customers.
"From a single injection, we accessed EVERYTHING," it said. "Why do you put such faith in a company that allows itself to become open to these simple attacks?"
"What’s worse is that every bit of data we took wasn’t encrypted. Sony stored over 1,000,000 passwords of its customers in plain text, which means it’s just a matter of taking it.
"This is disgraceful and insecure: they were asking for it."
The group also recently claimed responsibility for hacking the website of the PBS network and posting a fake story in protest at a news programme about WikiLeaks.
– BBC News
New Delhi, Dec 03, 2010: The official website of India’s premier Investigating Agency, CBI (Central Bureau of Investigation) has been hacked allegedly by Pakistani hackers with some "dire" threats posted/written on it. The hackers did not just hack the website but they also threatened to turn the Indian cyberspace into hell by carrying out "mass defacement" of other websites.
PCA left a message on CBI’s website as following:
"This attempt is in response to the Pakistani websites hacked by ‘Indian Cyber Army’. We told you before too. We are sleeping but not dead. Remember PCA (Pakistan Cyber Army)! Back off kids or we will smoke your d00rs off like we did before. Let’s see what your investigating agency, the so-called CBI, can do for you or for us! haha… one more attempt from your side … we got your every website lying around here like it’s our local server! buahahaha.. so we would like to say to your 31337 hackers and your 31337 NIC team, go and read some more books ..you guys are seriously bunch of script_kiddies! ..you know nothing rite now.. got r00t access to NTC server? ..mass defacements..how about something like this..a planned attack! haha.. btw we got r00t to your NIC too Your filtering sucks. Have fun! And DO NOT DISTURB..We got better things to do.. ..Stop complaining about Pakistani websites security. Secure your own ass first. That’s what intelligent people do!"
A message by Pakistan Cyber Army
In addition to the CBI website, HEX786, a Pakistani hacker, has also claimed that they have hacked 270 Indian websites on 27 Nov 2010, in response to Indian Cyber Army’s attack on Hijbul Mujahidin’s official website, on 26/11.
HEX786 warned Indian Hackers (Indian Cyber Army) not to attack and deface any Pakistani websites!
"CBI is aware that its official website has been hacked and defaced. An inquiry has been launched and necessary remedial measures are underway to restore it," CBI PRO RK Gaur said.
At present, the website has still not been restored.
Complete list of hacked websites can be found here.