Sony hit with second attack, loses 12,700 credit card numbers

[Gaurish]

Sony is doomed

Sony Online Entertainment servers were offline across the board, SOE announced that it has lost 12,700 customer credit card numbers as the result of an attack, and roughly 24.6 million accounts may have been breached.

The company took SOE servers offline after learning of the attack last evening, and today detailed the unfortunate results: "approximately 12,700 non-US credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, the Netherlands, and Spain" were lost, apparently from "an outdated database from 2007." Of the 12,700 total, 4,300 are alleged to be from Japan, while the remainder come from the aforementioned four European countries.

Sony Online loses 12,700 credit card account numbers, 24.6 million accounts compromised [update] | Joystiq

[Edit]

Sony has said that the user data was stolen as part of the original intrusion, its not a second attack.

 

[raksrules]

Sony is surely paying the price for taking action against the hacker(or is it cracker or whatever) community (esp Geohotz) and the they are getting back to Sony (this does not mean i support this stealing).

 

[Params7]

Not a 2nd attack, this is part of the 1st attack on PSN. But Sony just found out that SOE was also hit too and confirms CC info was leaked.

 

[Aman27deep]

*yawn* So what's new?

 

[arrow004]

Should those in india worry abt stolen credit card nos. as well??

 

[Ethan_Hunt]

Hackers Spill over 1,000,000 Sony Online Accounts

Sony getting its ass handed to it by hackers is becoming about as newsworthy as a netbook release, but this one is particularly brutal: Lulz Security just released a file containing over a million user logins. Home addresses included.

The Lulz crew says their gigantic dump includes:

Personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts. Among other things, we also compromised all admin details of Sony Pictures (including passwords) along with 75,000 "music codes" and 3.5 million "music coupons".

Not stuff you want floating around on MediaFire (and not something we're going to link to, out of respect for the privacy of that million plus).

So, why'd they do it this time? FOR THE LULZ? No. To teach a lesson, they say:

Our goal here is not to come across as master hackers, hence what we're about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?

Source: Hackers Spill over 1,000,000 Sony Online Accounts

 

[asingh]

Is this the payload from the first breach, or they did it again.

SQL injection.

 

[Scorpy]

Haha ... take that sony :X .... >.> ... although sony has done nothing wrong :X ... but YEA .. WOOOT !!

 

[Ethan_Hunt]

This is a recent attack and it's really getting out of hand now.

 

[delguy19]

Should those in india worry abt stolen credit card nos. as well??

for better peace of mind get ur card blocked and get new one.

 

[pretttt]

From a reddit comment:

The sad thing is because most people use identical passwords across services that most of their emails are now public. I just tried 3-4 and they all worked. Truly a disaster for all their consumers.

 

[blahmaster]

at the second hacking incident posted by ethan hunt -

Those numbers are first of all exagerrated and their has been no news on it

Pretty Much Fake for now and these lulz sec guys should be sent to jail, they have also hacked nintendo and edios site

 

[comp@ddict]

Sony sony sony, you messed with a few wrong guys. and look what's happened

 

[Aman27deep]

I remember in an interview GeoHotz said that he'll work on a PSP2 hack, i hope that's correct