Most Read: Business

DJIA
0.15%
NASDAQ
0.36%
 Last Update: : AM 12/22/2014(NASDAQ&DJIA) |

World Markets from      

 

Other Market Data from      

 

Key Rates from      

 

Blog Contributors

Timothy B. Lee

Timothy B. Lee

Timothy B. Lee covers technology policy, including copyright and patent law, telecom regulation, privacy, and free speech. He also writes about the economics of technology. He has previously written for Ars Technica and Forbes. You can follow him on Twitter or send him email.

Brian Fung

Brian Fung

Brian Fung covers technology for The Washington Post, focusing on electronic privacy, national security, digital politics and the Internet that binds it all together. He was previously the technology correspondent for National Journal and an associate editor at the Atlantic. His writing has also appeared in Foreign Policy, Talking Points Memo, the American Prospect and Nonprofit Quarterly. Follow Brian on Google+ .

Andrea Peterson

Andrea Peterson

Andrea Peterson covers technology policy for The Washington Post, with an emphasis on cybersecurity, consumer privacy, transparency, surveillance and open government. She also delves into the societal impacts of technology access and how innovation is intertwined with cultural development.

Post Tech
About / Where's Post I.T.?   |    Twitter  |   On Facebook  |  RSS RSS Feed  |  E-Mail Cecilia
Posted at 06:21 PM ET, 06/02/2011

LulzSec releases Sony usernames, passwords

Hacker group LulzSec, as promised, posted information it took from Sony Entertainment and Sony BMG.

The information, which includes about a million usernames and passwords of customers in the U.S., Netherlands and Belgium, is available for download and posted on the group’s site.

In a statement, Jim Kennedy, executive vice president of Global Communications for Sony Pictures Entertainment, said,  “We are looking into these claims.”

A release posted on LulzSec’s page said that the group has more information, but that it can’t afford to fully copy all of the information it stole. The group also said that none of the information it took from Sony was encrypted.

1,000,000+ unencrypted users, unencrypted admin accounts, government and military passwords saved in plaintext. #PSN compromised. @SonyThu Jun 02 20:17:40 via web

“Our goal here is not to come across as master hackers, hence what we're about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now,” the group wrote. “From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?”

LulzSec is not believed to be involved in the Sony breaches that resulted in 77 million user accounts being compromised in April, and the group has denied that it has ever attacked the PlayStation Network.

Related story:

LulzSec to release Sony data this afternoon

By  |  06:21 PM ET, 06/02/2011

 
Read what others are saying
     

    © 2011 The Washington Post Company