Sony's Japan music site hacked
Today, Sony’s Japan music site has suffered the same fate. Sophos, which discovered yesterday’s hack, found similar damage to SonyMusic.co.jp. According to Chester Wisniewski via the site’s Naked Security IT blog, Hacker News first found the affected web pages. As reported yesterday, an SQL injection was used to access the site’s contents, including its user database. Fortunately, this instance did not concede as much user information, and names, passwords, and other “personally identifiable information” are believed to be safe. But it’s still unknown what exactly hackers were able to access. Wisniewski says it is possible they could have inserted malicious code that would then affect the site’s visitors.
What’s most distressing about this latest chapter in Sony’s security saga is that it is once more proving the company’s complete negligence. These particular hacks are only utilizing Sony’s own security flaws and exposing them. One of the hackers wrote on the site “We just want to embarrass Sony some more. Can this be hack number 8? 7 and a half?”. The group’s lighthearted approach to the whole thing has made some speculate they are associated with Lulz Security. Lulz Security’s motivations are generally to prove a point rather than personal gain. The group’s Twitter posts are currently full of Sony bashings.
Even if Lulz Security is behind the attack and has no interest in stealing customer information, the scale of Sony’s mounting security failures is enough to keep subscribers anxious. Of course it’s also enough to see many of them drop Sony services altogether.
SOURCE: YAHOO
No comments:
Post a Comment