Fail! Sony SQL injected multiple times

by Willen L
In this article the author talks about how Sony fails at many security measures. Sony’s PlayStation Network and Sony Online Entertainment has been compromised in the past but now, even though you would think they would wise up a little bit, has been compromised again by SQL injection attack method. Specifically, Sony BMG Greece was hacked and lost about 8,000 customer records. Days later, another attack by a group called “LulzSecurity” , who is known for hacking databases, used SQL injection to attack Sony BMG in Japan and succeeded. The hacker group did not appear to get any sensitive information but they made it clear to the public about Sony’s lack of security implementation even after their past events with getting hacked. They group of hackers posted this comment, “This isn’t a l337 h4x0r, we just wanted to embarrass Sony some more. Can this be hack number 8? 7 and a half?”.

This attack was not meant to harm the customers but to prove that Sony was failing at security even after those past hacking incidents. So what does this say about other companies? Even this Fortune 500 Company could not keep customer data safe from hackers. Even with all their resources they fail at keeping their databases secure. Would a company with fewer resources be more vulnerable to attacks? I can tell you that I am very concerned about my information now that I’ve read this article…

I think this article relates to our class because we are starting to study SQL and I think that we should understand the threats that are out there and, if possible, prevent it with good practices.

Mick, J. (2011 May) Bringing Great Shame to Their Family: Sony Hacked Yet Again. Daily Tech. Retrieved February 13 , 2012, from


3 thoughts on “Fail! Sony SQL injected multiple times”

  1. You're right, that is pretty scary that such a big company could be hacked into more than once, and many questions arise concerning the safety of our personal information. It is really interesting how that "LulzSecurity" group went as far as to show the public that Sony's database could still be hacked into. This in turn shows us that even when a big company tries to improve its security, it could still be hacked. This makes me skeptical about putting my personal information up on the internet.

  2. LulzSec is making Sony look like a bunch of incompetent jack asses. Sony has proven again and again that they are unable to protect the data that customers give to them. A company of Sony's stature has no place in e-commerce if they can't learn their lesson. Sony is basically the kid that's lactose intolerant that keeps on eating ice scream and complains that he's constantly stuck with the runs.

  3. This news make Sony look horrible for their lack of security. It would make anybody skeptical of putting any information online were as a multi-million company couldn’t even protect their own database from hack. i think any company could be hack easy, just there isn’t any interest in hack them.

Comments are closed.