Fail! Sony SQL injected multiple times{3}

by Willen L
In this article the author talks about how Sony fails at many security measures. Sony’s PlayStation Network and Sony Online Entertainment has been compromised in the past but now, even though you would think they would wise up a little bit, has been compromised again by SQL injection attack method. Specifically, Sony BMG Greece was hacked and lost about 8,000 customer records. Days later, another attack by a group called “LulzSecurity” , who is known for hacking databases, used SQL injection to attack Sony BMG in Japan and succeeded. The hacker group did not appear to get any sensitive information but they made it clear to the public about Sony’s lack of security implementation even after their past events with getting hacked. They group of hackers posted this comment, “This isn’t a l337 h4x0r, we just wanted to embarrass Sony some more. Can this be hack number 8? 7 and a half?”.

This attack was not meant to harm the customers but to prove that Sony was failing at security even after those past hacking incidents. So what does this say about other companies? Even this Fortune 500 Company could not keep customer data safe from hackers. Even with all their resources they fail at keeping their databases secure. Would a company with fewer resources be more vulnerable to attacks? I can tell you that I am very concerned about my information now that I’ve read this article…

I think this article relates to our class because we are starting to study SQL and I think that we should understand the threats that are out there and, if possible, prevent it with good practices.

Mick, J. (2011 May) Bringing Great Shame to Their Family: Sony Hacked Yet Again. Daily Tech. Retrieved February 13 , 2012, from