Sony Portugal latest to fall to hackers

Filed Under: Data loss, Vulnerability

Sony Music Portugal logoThe same Lebanese hacker who targeted Sony Europe on Friday has now dumped a database from Sony Portugal.

The hacker claims to be a grey hat, not a black hat, according to his post to pastebin.com.

"I am not a black hat to dump all the database I am Grey hat"

Instead of dumping the entire database like many previous Sony attackers, idahc only dumped the email addresses from one table in Sony's database.

Idahc tweet announcing Sonymusic.pt hackHe claims to have discovered three different flaws on SonyMusic.pt, including SQL injection, XSS (cross-site scripting) and iFrame injection.

By my count, this is the 16th attack against Sony since the chaos came raining down on them in mid-April.

There were two other breaches on Monday by LulzSec, but I simply couldn't bring myself to write about more Sony hacks.

LulzSec compromised the Sony Computer Entertainment devnet and downloaded the source code for SCE's entire website, which they posted on BitTorrent.

In what LulzSec claimed as a separate hack, they also disclosed a complete network map detailing all of the Sony BMG internal systems.

In what I suppose you would call their press release, they stated:

"We've recently bought a copy of this great new game called "Hackers vs Sony", but we're unable to play it online due to PSN being obliterated."

The question that remains is whether Sony is reacting to this situation at all, or whether their strategy is simply to hope it goes away.

You would expect an organization with 170,000 employees and over $88 billion in revenue over the last 12 months to be able to round up the resources necessary to secure their web presence.

, , , , , ,

You might like

2 Responses to Sony Portugal latest to fall to hackers

  1. Mich071 · 1049 days ago

    Sony is like an ant hill with gas poured on it and lit on fire. As fast as they react Lulzsec and others are back dumping more gas on them. They need to shut down and just get serious about security or just get shutdown and ruined by these groups. I can just imagine their bottom line is going to be hurting from this for a long time and consumer confidence is well shaken up by now.

  2. anon · 1049 days ago

    Check out http://attrition.org/security/rant/sony_aka_sowna... for a good rundown of the sony hacks to date.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.