This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Sony hacker u-turns on sale of breached data

Share this article:
Sony hacker u-turns on sale of breached data
Sony hacker u-turns on sale of breached data
The hacker behind the recent attack and data breach on Sony has admitted that he is no longer selling the data which he seized last week.

In a statement, hacker 'NullCrew' claimed to have hit the electronics giant and posted information gained from its systems after taking control of eight servers. It said that it had a list of usernames, email addresses, passwords and other information that appeared to be related to Sonymobile.com.

The statement, which is no longer on Pastebin, read: “Sony, we are dearly dissapointed [sic] in your security. This is just one of eight sony servers that we hve [sic] control of. Maybe, just maybe considering IP addresses are avaliable [sic]. Maybe, just maybe it's the fact that not even your customers can trust you. Or maybe, just maybe the fact that you can not [sic] do anything correct technologically."

The list included 441 usernames with additional email addresses, 24 usernames with hashed passwords and three admin data sets. In an email to SC Magazine, a spokesperson for 'Official Null', who revealed his name to be 'Jonah', said that it 'got the data using SQL Injection'.

He said: “Of course, the server was terribly insecure, so we shelled the Sony Mobile site using 'INTO OUTFILE'. Now we've managed to gain access to eight different servers since we only had shelled one.”

However he also revealed that that the group is no longer planning to sell the data. “I'm not selling anymore because I'll probably release more data (for example on PSN) in the future,” he said.

'Jonah' did not respond to further emails in regard to where the SQL Injection vulnerability was, however he did say that it did directly target Sony. Regarding affiliation to other hacktivist groups or previous actions against Sony, which were prevalent last year, he said it was not directly associated with Anonymous, however it did support most of their operations.

Sony issued a statement confirming the hack saying that no credit card information was compromised in the attack and mostly users of its mobile unit in China and Taiwan were impacted. It also said it did not know the source of the attack.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Turn off WPS on routers for WiFi security

Turn off WPS on routers for WiFi security ...

A Swiss researcher is advocating turning off WPS to secure routers after finding a flaw that eliminates the randomness of codes generated by some routers when WPS is switched on...

Apple's iCloud hacked, nude celeb photos posted

Apple's iCloud hacked, nude celeb photos posted

Questions have been raised about the security of Apple's iCloud service, after a hacker posted nude pictures of celebrities to the 4Chan forum, claiming they were obtained after a hack ...