It seems that Sony just can’t get a break. Sony BMG Greece’s website has been hacked and users who have registered with the site has had their account details plastered online, including their usernames, real names and email addresses. To add insult to injury, the way the site was hacked wasn’t as hard as you’d imagine – the attacker used an SQL injection tool to get in, something a half decent hacker knows how to use (incidentally, this is one of the ways security firm HBGary was hacked). One silver lining in all of these security problems is that when Sony’s done revamping their sites and patching known vulnerabilities, more likely than not they’ll have one of the best protected network of sites and services this side of the net. Question is, will their customers still trust them with their data?
Source: Sophos