For the fourth time in a month hackers attacked network of Sony BMG company. The website of the Greek division of the company therefore the database with the user nicknames, their real names and the postal addresses was cracked was the purpose of the attack, the cybersecurity company Sophos reported.
Information on kidnapped persons of data appeared on Hacker News, the copy of information – on the PasteBin.com resource.Chester Wisniewski, the expert of Sophos, said that perhaps vulnerability was found in SQL by means of which the input in the closed part of the website was performed.
At the same time, most likely, malefactors used the automated tool for search of holes in security of SQL. "It is similar to old hacker school. A surprise was how Sony passed this elementary vulnerability, as led to leak", - the expert added.
According to him, such penetration did not demand from hackers of any superdifficult skills. At the same time for Sony it is not the first similar incident.
Last week Sony was forced to recognize that malefactors got access to So-net, the Japanese subsidiary company, and stole virtual keys for the amount $1200. In the same day cybersecurity company F-Secure stated that it exposed a phishing site which was hosted on the server of Sony in Thailand.
The damage from these two attacks was less significant, than from penetration last month into Sony PlayStation Network and adjacent resources which contained data more than about 100 million users.
The April attacks forced Sony to close both networks for several days while own command of security worked on elimination of a problem with involvement of consultants of three independent solution providers for information security.