On Sunday The Hacker News discovered a database of user information from a Sony BMG site in Greece that was reportedly hacked in early May. The information exposed included passwords, email addresses, and phone numbers, and was posted at pastebin.com. According to THN, someone by the name of "b4d_vipera" claimed ownership of the cyber attack.
The Greek site is the seventh Sony portal hacked in recent weeks following the month-long PlayStation Network outage also caused by a hacker.
This hack was caused by an automated Structured Query Language (SQL) injection, in which a hacker injects a malicious command at the database level.
Sophos senior security advisor Chester Wisniewski advised people to reset their passwords, prepare for phishing attempts, and expect their account information to be in the hands of someone with malicious intent.
"It is nearly impossible to run a totally secure Web presence, especially when you are the size of Sony," Wisniewski wrote. "As long as it is popular within the hacker community to expose Sony's flaws, we are likely to continue seeing successful attacks against them."
Posts
