[vSaAmTp]

LulzSec release hacked Data.

Greetings folks. We're LulzSec, and welcome to Sownage. Enclosed you will find various collections of data stolen from internal Sony networks and websites, all of which we accessed easily and without the need for outside support or money. We recently broke into SonyPictures.com and compromised over 1,000,000 users' personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts. Among other things, we also compromised all admin details of Sony Pictures (including passwords) along with 75,000 "music codes" and 3.5 million "music coupons". Due to a lack of resource on our part (The Lulz Boat needs additional funding!) we were unable to fully copy all of this information, however we have samples for you in our files to prove its authenticity. In theory we could have taken every last bit of information, but it would have taken several more weeks. Our goal here is not to come across as master hackers, hence what we're about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks? What's worse is that every bit of data we took wasn't encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it's just a matter of taking it. This is disgraceful and insecure: they were asking for it. This is an embarrassment to Sony; the SQLi link is provided in our file contents, and we invite anyone with the balls to check for themselves that what we say is true. You may even want to plunder those 3.5 million coupons while you can. Included in our collection are databases from Sony BMG Belgium & Netherlands. These also contain varied assortments of Sony user and staffer information. Follow our sexy asses on twitter to hear about our upcoming website. Ciao! ^_^

http://www.mediafire.com/?4eqdhjq4uqltwb0 or on http://lulzsecurity.com/

In the File (1,3MB) Sownage.rar was:

SonyPictures.com has been owned, this is its SQLi hole: ## http://www.sonypictures.com/homevide...w.php?id=12838 ## TEAR THE LIVING **** OUT OF IT WHILE YOU CAN; TAKE FROM THEM EVERYTHING! Contents of our plunder: ## Sony_Pictures_International_AUTOTRADER_USERS.txt ## -- In this file you will find just under 12,500 customers of Sony; this includes dates of birth, addresses, emails, full names, passwords, user IDs, and personal phone numbers. ## Sony_Pictures_International_BEAUTY_USERS.txt ## -- In this file you will find just under 21,000 customers of Sony; this is a simple email/password drop. Enjoy your account stealing. ## Sony_Pictures_International_COUPONS.txt ## -- In this file you will find just under 20,000 Sony music coupons; please note that there are 3.5 million coupons to take - get 'em. ## Sony_Pictures_International_DELBOCA_USERS.txt ## -- In this file you will find just under 18,000 customers of Sony; this is a simple email/password drop. Again, enjoy your stealing. ## Sony_Pictures_International_MUSIC_CODES.txt ## -- In this file you will find just under 67,000 Sony music codes; they're like magnets, we simply have no idea how they work. ## Sony_Pictures_International_TABLE_LAYOUT.txt ## -- In this file you will find the layout of the database; that means you can easily see where to steal things from. Note that the database contains far more user information/coupons than we took. The point is that we had control of them; all of them. We leave the rest up to you - steal as much as you want, go forth! ADDITIONAL OWNAGE: ## Sony_BMG_Music_Entertainment_NETHERLANDS ## -- This file contains the user database of BMG Netherlands; it's around 600 usernames, emails, and passwords. Enjoy. ## Sony_BMG_Music_Entertainment_BELGIUM ## -- This file contains the Sony admin database of BMG Belgium; also lots of barcodes, release dates, and other juicy ****.

And one Tweet about PSN:

Uh-oh #PSN... Linux sdk-pct06.station.sony.com 2.6.18-164.15.1.el5 #1 SMP Wed Mar 17 11:30:06 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux

************* [ - Post Merged - ] *************
I have not Downloaded the File on Torrent, but this must be the Complete backup of Sony Pictures and Sony BMG:

Link Removed see rules

[KingKush]

Source: http://www.bbc.co.uk/news/business-13636704

A hacker group has claimed it has attacked the Sony network and stolen more than one million passwords, email addresses and other information.

Lulz Security said it broke into servers which run SonyPictures.com.

Sony said it was aware of Lulz Security's statement and was investigating, the Associated Press reported.

In April, hackers broke into Sony's PlayStation Network and stole data from more than 77 million accounts.

That attack was considered the biggest in internet history and led to Sony shutting down the PlayStation Network and other services for almost a month.

In a statement on Thursday, Lulz Security said it had hacked into a database that included unencrypted passwords as well as names, addresses and dates of birth of Sony customers.

"From a single injection, we accessed EVERYTHING," it said. "Why do you put such faith in a company that allows itself to become open to these simple attacks?"

The group also recently claimed responsibility for hacking the website of the PBS network and posting a fake story in protest of a new programme on WikiLeaks.

[KingKush]

maybe we should asked them to get those 3.61 keys why they were at it, what you say boys how about those encryption keys next time cheers lol...

[Annelies]

More pointless hacking of Sony websites. They should just leave them alone now and just accept the fact that OtherOS isn't coming back, and even if it did CFW wouldn't die and Sony would still have people pirating their games, so Sony has no reason to bring it back and they probably won't.

[Thelostdeathknight]

And just for LULZ, you know how we feel about LULZ, All of sony's PS3 keys & algorithms for figuring out the ones we couldn't find that would be epic

[KingKush]

Its not pointless, its hurting Sony where it hurts most the pocket book. you have to understand corporations have no souls and treat their customers like crap because there isn't enough competition to off set the balance...

[bruiser brody]

Originally Posted by Annelies More pointless hacking of Sony websites. They should just leave them alone now and just accept the fact that OtherOS isn't coming back, and even if it did CFW wouldn't die and Sony would still have people pirating their games, so Sony has no reason to bring it back and they probably won't.

I think these guys motives are more towards Sony's actions and being dicks to everyone that wanted to open up and explore the PS3 eg. How Sony sued people like Graf.

These guys messed with some news site last week in retaliation of comments they made about Wikileaks. So you could say they have similar styles to how Anon decides to target companies.

I agree with you though about this being pointless hacking of sites, especially since there was that Bill in the US passed last week to do with blocking websites. That Bill got put on hold, but acts like this(even though totally irrelevant to that Bill) just strengthen governments ideas on censoring and using Big Brother style tactics on the internet.

[KingKush]

Originally Posted by bruiser brody I think these guys motives are more towards Sony's actions and being dicks to everyone that wanted to open up and explore the PS3 eg. How Sony sued people like Graf. These guys messed with some news site last week in retaliation of comments they made about Wikileaks. So you could say they have similar styles to how Anon decides to target companies. I agree with you though about this being pointless hacking of sites, especially since there was that Bill in the US passed last week to do with blocking websites. That Bill got put on hold, but acts like this(even though totally irrelevant to that Bill) just strengthen governments ideas on censoring and using Big Brother style tactics on the internet.

Have you ever considered some rouge groups could very well be government black flag operations inflicting damage on its own partners to strengthen its position for further control of the ppl with such bills. Its classic warfare, scare the ppl into submission... Problem reaction Solution, first you create the problem then you scare the ppl then offer a solution, get what you want and be a hero what else could you want. This method is used allot just open your eyes....

Here's a example a very sneaky way to get a super model to sleep with you...
first follow her home, know her route next time. Pay your friend 50$ & some mountain dew to pretend to rob her, you walk by and stop the robber as he takes her sh1t you pretend you beat him up, he runs away you get the girl plus your a hero now... Guess who's paying for Dinner that night & on top of that you get laid, a well spent 50$ if I do say so myself lol...

Ps live a little treat yourself to a steak that night & maybe some drinks Don't worry I'm sure she's picking up the tab that night

[Wolfie708]

Originally Posted by KingKush Have you ever considered some rouge groups could very well be government black flag operations inflicting damage on its own partners to strengthen its position for further control of the ppl with such bills. Its classic warfare, scare the ppl into submission... Problem reaction Solution, first you create the problem then you scare the ppl then offer a solution, get what you want and be a hero what else could you want. This method is used allot just open your eyes....

A wee bit paranoid, but I do agree the point is valid

[wizdumb]

Heres a scary thing that just happened. After looking through the files, just for kicks I picked one random email/password and was able to log in. They had purchase confirmation emails from amazon and we all know a lot of people use the same email/password for different sites and of course this was the case. I clicked on "my account" and everything I needed to use for purchases was there (CC info, name, address, etc.). I know I shouldn't of invaded and gone that far, but I also know when to draw the line and not be stupid enough to scam someone out of their money. Sad thing is there will be a lot of fraud from this uploaded file.