Sony Pictures hacked; 1,000,000 passwords claimed stolen

“We’ve just received numerous tips that Lulz Security has broken into, where it claims to have stolen the personal information of over 1,000,000 users — all stored (disgracefully) in plain text format,” Zachary Lutz reports for Engadget.

“A portion of the group’s exploit is posted online in a RAR file, which contains over 50,000 email / password combos of unfortunate users,” Lutz reports. “In addition to user information, the group has blurted out over 20,000 Sony music coupons, and the admin database (including email addresses and passwords) for BMG Belgium employees.”

Read more in the full article here.

MacDailyNews Take: Who’s worse at security, Sony or Microsoft?

[Thanks to MacDailyNews Reader “Lynn W.” for the heads up.]

Related articles:
Sony CEO Stringer under fire as 25 million more accounts hacked – May 3, 2011
Sony admits utter PSN failure: Your personal data has been stolen – April 26, 2011
No wonder Sony’s beleaguered: CEO Stringer says ‘Apple’s iTunes Store uses proprietary FairPlay DRM’ – May 14, 2009
Sony CEO Stringer calls Apple CEO Steve Jobs ‘greedy’ – July 19, 2007
Sony board votes Howard Stringer company’s first non-Japanese CEO – March 7, 2005


    1. There is no beginning to their talent and I predict Lulz is finished.

      I can understand wanting to cause Sony pain but why woud these asses want to cause so much pain for the users of Sony products?

      1. im not certain but I’m taking a stab at it.

        I think lulz is trying to prove that user info is not safe with sony and when the users realize that then they will unsubscribe thereby hurting Sony financially as well. This is just my gues ok, im not certain how acurate it is but I do know that they probably want to destroy sony’s business and a huge loss in income will help them do this.

        1. I don’t like Sony any more than anybody else, but Lulz are a bunch of douche bags. Why? Because their methodology (hacking then posting people’s personal info) is tantamount to robbing a bank to prove the bank needs better physical security. I call bullshit.

          Sony customers are simply caught in the middle between Sony’s incompetence and Lulz’ little war against “the man”.

          I saw Eff them both.

            1. OK, the bank metaphor wasn’t ideal. My point was (and I stand by it) that the Lulz douche bags are victimizing innocent people to prove that Sony’s lack of security is… Wait for it… Potentially victimizing innocent people.

              Instead of the bank, let’s say they’re kidnapping a child to prove to the public that the parents they need to keep tabs on their children better.

              Like I said, screw the Lulz script kiddies and their infantile games, and screw Sony for their complete and utter incompetence.

      2. They give themselves a fancy name and a website and you assume they are a legitimate security company?

        They are just a group of underground hackers . . . that gave them self a fancy name and a website.

      3. Agreed. I wonder how many on this site would think it so funny if it was AAPL that got their ass exposed? Oh, I guess it would be different then? I hope not but it’s probably inevitable. Geez, will the kool-aid drinking fanboys be crying then? Eyow! And no, AAPL isn’t any better or safer than anyone else so don’t go down that road. When “they” want you there’s nothing you can do. Nothing.

        1. So you really think Apple stores users’ personal info in plain text format, unencrypted? Or did you even bother to RTFA before posting your pointless little screed?

        2. So almost everyone on here says how appalling this action of these scumbags is and yet you GM come out about everyone thinking its funny. Can you read? Or do you simply have your very own dumbass, unthinking motives to ignore the reality? Yes if it were AAPL I rather presume everyone would be equally critical, some difference you refer to then. Presumably whatever you are drinking has a markedly stronger delusional effect than koolaid.

            1. Perhaps, but you, and them are ethically and morally on the wrong side of the issue. Go ahead and say you’re just having a little fun at the expense of a million other people, and that deep down inside you know that what Lulz is doing is wrong, you still invoked the wrong response.

              But, because you’re just a sheep, who can’t think for themselves, and weighs in after counting up sides, in the eyes of the few, you’re the knucklehead who can’t be trusted when it matters most.

              You, FTB, and the rest have yet to grow up and only time will tell. My advice, get on record, first and foremost with the “right” response before attempting to be the clown at the expense of people no different than you…

              …steps down off the soapbox.

            2. @G4Dualie
              Hey now..
              I have said before it’s wrong. but this is like the 800th time Sony has been hacked.
              Sorry if i need to restate the obvious 800 times, before i can laugh at Sony.

              Sony is a Joke that keeps giving, thats for sure. Makemineamac below has said exactly what everyone thinks.
              Yeah, Lulz Sec is wrong. but i’m to the point where i don’t care anymore. How many times do I have to put up with Sony being hacked before i put ANY blame on Sony?
              I mean come on, two months after the first attack… and they STILL have passwords stored in plain text?…

              The guy that opens the door in his face, you ask if he’s ok.. after the 100th time he opens the same door in his face… you wonder if he will ever learn and you don’t care anymore. maybe even joke about him..
              Ballmer does the same thing, when do you say we should have pity for Ballmer or the MS shareholders? or do we all laugh at Ballmer without ANY other comments first?

              Scroll down, i even stated i haven’t even bothered turning on my PS3 since this whole mess. Everytime i think about firing it up, Sony gets hacked again..

              This whole mess started with hackers getting free stuff from sony with hacked PS3’s running linux, Sony got tired of trying to block them. so they stripped the Linux install from the PS3. Hackers got mad at Sony… I am on Sony’s side at this point still.
              All the hacks start after Sony takes action against hackers. This first hack happens, 2 weeks later after Sony STILL was down… I was ticked. but more at the hackers still.
              PSN comes back up… and hacked again… Then all the other Hacks start, and now this?… and what do you know? they STILL have passwords stored in Plain text…

              So tell me, WHEN am i able to comment on the situation without first stating that hacking is bad?

            3. @FTB

              My first response was to say, me thinks thou dost protest too much, however, in spite of my bitter crit, you handled yourself like a gentleman and I respect that.

              The laughs are on me!

    1. who knows. but i just read the link, the Lulz security ascii picture they have makes me laugh.

      and it’s Sony, tempted to give Lulz the pass on this one.

    1. You saying that apple has any part of this?….. Lol

      IF apple were to buy Sony now.. I would want an immediate shut down of Sony till they put everything on unix servers.

      I haven’t even fired up my ps3 since all this went down a month ago… Why fire it up and update it, only to do it all over again a week later.

      Been playing portal 2 on the iMac though 😉

  1. Too damn lax. Organisations sometimes have to go through this pain in order to get their priorities straight. I _strongly_ disagree with LulzSec releasing the details they found, but in three months time data security at Sony will be as secure as we should expect from a company of their size and tech background.

  2. BTW, one interesting thing if you go digging. Ping the hacked website and look the IP address up in whois, then go take a peek at who is hosting this site. This isn’t just embarrassing for Sony…

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.