Reports surfaced Sunday and Monday that the company has suffered another breach, this time through its music services in Greece and Japan.
The security company Sophos and the Hacker News identified two attacks on Sony’s music sites in Greece and Japan. The Greek attack, which occurred Sunday, is believed to have leaked some user information including names and some passwords. Sophos encouraged Greek users to reset their passwords.
The Japanese attack, believed to have occurred Monday by the group Lulz Security, accessed user databases on the sites. The hackers left a message saying that the attacks weren’t difficult to carry out and were meant to embarrass Sony.
“Stupid Sony, so very stupid,” the message said before linking to two unprotected Sony databases.
According to Sophos, the leaked database information does not contain names, passwords or other personally identifiable information.
Since the initial attacks, Sony has also found a security weakness on its password reset page, been the target of a phishing scam through its home page in Thailand, and seen one of its ISP subsidiaries robbed for about $1,200 in virtual tokens. The reports follow a grim financial forecast that predicts the company will show a $3.2 billion annual loss this year, and that the breaches have already cost the company, $171 million to fix.
Meanwhile, gamers are waiting for the PlayStation Store to come back online to redeem the “Welcome Back” packages Sony offered as compensation for downtime on the Sony PlayStation Network, Qriocity music service and Sony Online Entertainment.