Hackers issue statement taunting Sony

The hacker group Lulz issued a bold press release after it posted user data ripped from SonyEntertainment.com. The hackers said Sony was ‘asking for it.’

One month after the company suffered the biggest security breach in history, a hacker group calling itself Lulz posted personal information from more than 1 million user accounts on SonyPictures.com.

Lulz issued numerous statements on Thursday about the hack, several of which included the personal data. In a press release, the group taunted Sony, insisting the incident is “an embarrassment” for the entertainment company.

Lulz said:

Due to a lack of resource on our part (The Lulz Boat needs additional funding!) we were unable to fully copy all of this information, however we have samples for you in our files to prove its authenticity. In theory we could have taken every last bit of information, but it would have taken several more weeks.

Our goal here is not to come across as master hackers, hence what we’re about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?

To read the full story, log in.
Become a Ragan Insider member to read this article and all other archived content.
Sign up today

Already a member? Log in here.
Learn more about Ragan Insider.