Sony has had another database hacked, this time with 120 users having their info (including passwords and mobile phone numbers) compromised and Lebanese-based hacker Idahc hacked a small database of Sony Europe and then released the data on all the users………..
A Lebanese hacker known as Idahc dumped another user database at Sony Europe containing approximately 120 usernames, passwords (plain text), mobile phone numbers, work emails and website addresses. The attacker claims that he used standard SQL injection techniques to acquire the database. I think it is fair to say it appears that Sony has not learned anything from the previous 12 attacks. dahc is the same attacker who targeted the Canadian Sony Ericsson site in May, 2011. In his note on pastebin he states: “I was Bored and I play the game of the year : ‘hacker vs Sony’.” He posted the link to pastebin with the simple note “Sony Hacked: pastebin.com/OMITTED lol.” If you are a database administrator (especially a Sony one) and want to avoid your sensitive data from ending up in the headlines I recommend you actually test your web applications for SQL vulnerabilities. The same hacker has once again managed to compromise ca.eshop.sonyericsson.com with the hacker claiming that he had the ability to extract credit cards data, but didn’t do it since he doesn’t perceive himself as a black hat.