Sony Europe hacked by Lebanese hacker... Again

Filed Under: Data loss, Featured, Privacy, Vulnerability

Story updated 5-June-2011: Information on the SonyPictures.RU attack can be found at the end of the post.

By my count this is unlucky hack number 13 for Sony. A Lebanese hacker known as Idahc dumped another user database at Sony Europe containing approximately 120 usernames, passwords (plain text), mobile phone numbers, work emails and website addresses.

Snapshot of database dump on pastebin

The attacker claims that he used standard SQL injection techniques to acquire the database. I think it is fair to say it appears that Sony has not learned anything from the previous 12 attacks.

SQL injection flaw? Check. Plain text passwords? Check. People's personally identifiable information totally unprotected? Check.

Idahc tweet about Sony hackIdahc is the same attacker who targeted the Canadian Sony Ericsson site in May, 2011. In his note on pastebin he states: "I was Bored and I play the game of the year : 'hacker vs Sony'." He posted the link to pastebin with the simple note "Sony Hacked: pastebin.com/OMITTED lol."

If you are a database administrator (especially a Sony one) and want to avoid your sensitive data from ending up in the headlines I recommend you actually test your web applications for SQL vulnerabilities.

A great resource with detailed information on how to protect against SQL injection attacks is available at codeproject.com.

You can also download our free technical paper Securing Websites.

Update: In addition to the attack detailed above, the hacking group known as LulzSec has compromised SonyPictures.RU through another SQL injection flaw. No personal information was disclosed in the attack; it appears to have been designed just to continue to point out security flaws in Sony's infrastructure to create PR problems for the media giant. In the note, LulzSec left a message: "In Soviet Russia, SQL injects you..."

Pastebin of sonypictures.ru

, , , , , , , , ,

You might like

23 Responses to Sony Europe hacked by Lebanese hacker... Again

  1. QFX · 1203 days ago

    I love the name he is using. "Idahc" is "Chadi" backwards, which is the French (and Lebanese) way of writing "Shadi", a common Arabic name

    • That is kind of clever. So simple, but captures so much. Plus Idahc almost looks like a typo for "Idaho". Thanks for pointing that out.

    • zach · 1183 days ago

      congrats, you figured out a name. now what?

      maybe if you could figure out how to trace a location from an ip ppl wouldn't make fun of you

  2. Is it now a global open season on Sony hacks? Not sarcastic, seriously.

    It seems like a kind of momentum e.g. even every auto-generated related story on Naked Security's site reads accordingly:
    "Sony Canadian e-commerce site hacked"
    "Sony Greece latest hacked site"
    "Sony credit details encrypted" maybe
    and of course the hack du jour story
    "Sony hacked by Lebanese hacker again"

    At which I shouldn't laugh. But the headline is catchy. Will 13 be the end of the run? I guess Sony would like to know the answer to that too.

  3. Oh wow, someone really despises Sony.

  4. dan · 1203 days ago

    buy an xbox 360 and forget these problems!!

    • rob · 1203 days ago

      if you think microsoft doesnt have any security flaws your're very nieve

      • Yah....but microsoft doesn't sue hackers, they usually hire them....

        • NotHazard · 1201 days ago

          Hire someone who RELEASED the usernames/passwords of the database. What a great idea, let him release internal company documents. Microsoft gets thousands of exploits sent to them privately, then the exploits get patched. Otherwise we have a 0-day.

          Take a shop lifter, steals from your store every day. Knowing this, would you hire him?

      • accursed2010 · 1201 days ago

        but Microsoft doesn't have haters like Sony.... that what I think :) .

    • Tupac · 1203 days ago

      So it breaks in a month? Great idea!

    • Ergo · 1202 days ago

      I think I'll just stick to my PC and forgo 'classics' like Gears of War and other games I'm not missing at all.

  5. SteveINtheUKok · 1203 days ago

    Who knew Sony would be the champion of Open on the internet, its less private than Facebook, that must annoy Zuckerberg :-) LOL

  6. FUNK · 1203 days ago

    The funny side is that there was a one security company that was giving demo of their product and 'SONY" was one of their customer who were more secured cause of their product. I chuckled at it and told them that you shouldnt be showing Sony to your prospective customers any more..... and then there was silence in the room for quite some time...

  7. Draft · 1203 days ago

    Author, can you confirm that 13 number? Can you count all those 13 here? Thanks!

    • Chester Wisniewski · 1203 days ago

      1. Anonymous/DDoS
      2. PSN(77 Mil)
      3. SOE (25 Mil)
      4. SOE 12,700 "old database from 2007"
      5. PSN password reset hacks/flaws
      6. Sony Music Indonesia
      7. 2500 Sweepstakes records from 2001
      8. SO-Net
      9. Sony Music Greece
      10. Sony Music Japan
      11. Sony Ericsson Canada
      12. Sony Pictures
      13. Sony Europe

  8. Gnorm · 1203 days ago

    The hackers are attacking Sony for what they are doing to geohot. Google "Sony geohot" for more details

    • Anon · 1202 days ago

      That was only the reason why anonymous DDoS'ed em.
      The Sony music things were 4 the YouTube garbage...
      Ans some of them were just 4 fun.

  9. jse · 1201 days ago

    It isn't just Geohot, A hatred for Sony has been growing for years due to their anti consumer policy's and actions, here are a few of their highlights.

    Suing Jon Lech Johansen aka DVD-Jon for creating DECSS used to remove the Content Scrambling System (CSS) DRM from DVD's.
    Suing Lik-Sang and forcing them to close.
    Suing jailbreak manufacturers and retails of PS-Jailbreak devices such as ozmodchips.
    Suing Graf Chokolo for his work on reversing the PS3 hypervisor and bringing back Linux.
    Suing team fail0verflow aka team-twiizers for pointing out PS3 security flaws.
    Sending threatening emails to to PS3 CFW users.

    The list could go on forever, they have basically pissed off the homebrew community, hacking community and warez community for many years and people are finally retaliating.

    Good for the people, Screw you Sony!

    • Anders · 1201 days ago

      You forgot one quite important thing in that list, Sony included a rootkit on their CDs a few years ago. that's gotta be one of the biggest nails in their PR-coffin...

    • DaG · 1198 days ago

      you forgot stealing OtherOS from their customers in the first place. Everyone who bought a Phat PS3 paid for it...

  10. james · 1201 days ago

    SQL injection only? LOL
    their programmer come from ancient time tech?

  11. I wish the hackers would just find another toy on another planet in another galaxy. This is going to get as annoying as LIGATT was...

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.