Sony just can't get a break, Sony Ericsson Canada and Sony BMG Japan's websites have been just been reported hacked and first and last names, email addresses and encrypted passwords of 2,000 users have been compromised. No other personal or credit card information was taken as per a Sony statement.
According to a Computerworld report, "a Lebanese hacker who had breached the site and accessed email addresses, passwords and names of thousands of users of Ericsson's Eshop online store in Canada. The information was then posted on Pastebin.com."
The hacker allegedly 'found' a common Web programming error, known as SQL injection flaw, that allowed him to dig up the records on the Canadian version of the Official Sony Ericsson eShop, an online store for mobile phones and accessories.
According to a PCWorld report, Ivette Lopez Sisniega, a Sony Ericsson Mobile Communications spokeswoman stated that, "Sony Ericsson has disabled this e-commerce website," she said in an e-mail message. "We can confirm that this is a standalone website and it is not connected to Sony Ericsson servers."
Sony Ericsson is Sony's mobile technology and smartphone company shared with Swedish telecom giant Ericsson.
This latest attack on a Sony company comes a month after coordinated attacks to Sony's online services compromised 100 million user accounts globally. Sony recently acknowledged that the previous hacker attacks would cost at least US $170 million. More importantly, it is affecting Sony's bottom line even as Sony is set to post a $3.2 billion annual loss, Sony's second largest ever.
Sony has apparently earned the ire of the hacker community after it sued George Hotz who managed to install Linux on the PlayStation 3 console and then posted the process in his blog and in various websites. Sony went after ISP's to hand over IP addresses of people who visited Geohot's social pages and YouTube videos. As a result, hackers have made it a sport to shut down Sony's online services and steal user's information and expose Sony's security vulnerabilities in the process.
Sources: