This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Sony hacker u-turns on sale of breached data

Share this article:
Sony hacker u-turns on sale of breached data
Sony hacker u-turns on sale of breached data
The hacker behind the recent attack and data breach on Sony has admitted that he is no longer selling the data which he seized last week.

In a statement, hacker 'NullCrew' claimed to have hit the electronics giant and posted information gained from its systems after taking control of eight servers. It said that it had a list of usernames, email addresses, passwords and other information that appeared to be related to Sonymobile.com.

The statement, which is no longer on Pastebin, read: “Sony, we are dearly dissapointed [sic] in your security. This is just one of eight sony servers that we hve [sic] control of. Maybe, just maybe considering IP addresses are avaliable [sic]. Maybe, just maybe it's the fact that not even your customers can trust you. Or maybe, just maybe the fact that you can not [sic] do anything correct technologically."

The list included 441 usernames with additional email addresses, 24 usernames with hashed passwords and three admin data sets. In an email to SC Magazine, a spokesperson for 'Official Null', who revealed his name to be 'Jonah', said that it 'got the data using SQL Injection'.

He said: “Of course, the server was terribly insecure, so we shelled the Sony Mobile site using 'INTO OUTFILE'. Now we've managed to gain access to eight different servers since we only had shelled one.”

However he also revealed that that the group is no longer planning to sell the data. “I'm not selling anymore because I'll probably release more data (for example on PSN) in the future,” he said.

'Jonah' did not respond to further emails in regard to where the SQL Injection vulnerability was, however he did say that it did directly target Sony. Regarding affiliation to other hacktivist groups or previous actions against Sony, which were prevalent last year, he said it was not directly associated with Anonymous, however it did support most of their operations.

Sony issued a statement confirming the hack saying that no credit card information was compromised in the attack and mostly users of its mobile unit in China and Taiwan were impacted. It also said it did not know the source of the attack.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Queen's website hosts controversial tracking technique

Queen's website hosts controversial tracking technique

Advertising tracking called 'canvas fingerprinting' is used on many websites and identifies unique individuals and their browsing habits and works surreptitiously.

Could MH17 sanctions push Russia to cyber warfare?

Could MH17 sanctions push Russia to cyber warfare?

A leading cyber security academic has warned the US and European governments that tougher sanctions on Russia relating to the MH17 airplane crash could result in the start of cyber ...

Snowden, Ellsberg ask hackers to help obscure whistleblower activity

Snowden, Ellsberg ask hackers to help obscure whistleblower ...

Crowds of people came out to see Daniel Ellsberg chat with Edward Snowden at HOPE X conference.