Looks like it’s open season on Sony as far as hackers are concerned. Digital security firm Sophos reports that a database chock full of personal information from registered users of Sony BMG Greece has been posted online.
The database includes names, user IDs, and their associated email addresses, although as Sophos points out, such info as telephone numbers and passwords appear to be “either missing or bogus.”
As of Monday morning, the entire SonyMusic.gr website looked to be down for the count; it’s not clear whether the site was kaput due to the hacker attack or because Sony had taken the site offline. Another possibility: a crush of curious rubberneckers.
The latest attack comes more than a month after hackers took down Sony’s PlayStation Network and stole a treasure trove of personal information in the process. Meanwhile, a Sony site in Thailand was found last week to be hosting a malicious phishing site.
So, why are Sony sites being hacked left and right? Is Sony’s online security team asleep at the wheel? Well, yes and no. Hackers are, indeed, taking advantage of very real, wide-open gaps in Sony’s online defenses. On the other hand, it’s “nearly impossible to run a totally secure web site,” Sophos notes—and for now, it’s “popular within the hacker community to expose Sony’s flaws.”
Here’s the thing: Given that hackers seem to have a bead on Sony these days, now is a good time to change any and all the passwords for your various online Sony accounts—and you might even consider deleting any stored credit card information, at least for the time-being. But just because Sony’s being singled out for hack attacks doesn’t mean that other online giants aren’t vulnerable, too.
Source: Sophos
