Hackers broke into Sony Corp’s computer networks and accessed the information of more than 1 million customers to show the vulnerability of the electronic giant’s systems, the latest of several security breaches undermining confidence in the company.
LulzSec, a group that has claimed attacks on US PBS television and Fox.com, said it broke into servers that run Sony Pictures Entertainment Web sites. It published the names, birth dates, addresses, e-mails, phone numbers and passwords of thousands of people who had entered contests promoted by Sony.
“From a single injection, we accessed EVERYTHING,” the hacking group said in a statement. “Why do you put such faith in a company that allows itself to become open to these simple attacks?”
The security breach is the latest cyber attack against high-profile firms, including defense contractor Lockheed Martin and Google Inc.
LulzSec’s claims came as Sony executives were trying to reassure US lawmakers at a hearing on data security in Washington about their efforts to safeguard the company’s computer networks, which suffered the biggest security breach in history in April.
Sony has been under fire since hackers accessed personal information on 77 million PlayStation Network and Qriocity accounts, 90 percent of which are users in North America or Europe.
Sony said at the time credit card information may have been stolen, sparking lawsuits and casting a shadow over its plans to combine content and hardware products via online services. Nobody has claimed responsibility for the April attack.
It later revealed hackers had stolen data from 25 million users of a separate system, its Sony Online Entertainment PC games network, in a breach discovered on May 2.
Sony said it was investigating the breach claimed by LulzSec and declined to elaborate. Sony shares in Tokyo fell 0.6 percent yesterday, in line with the broader market.
The latest attack, unlike that on the PlayStation Network, was not on a revenue-generating Web site and was likely to have no impact on earnings, analysts said.
Reuters confirmed the authenticity of the data on several contestants that LulzSec said it had published.
Cyber security is quickly rising up the agenda for global policymakers.
The Australian government said yesterday it will develop a cyber-defense strategy and the US said in a report last month that hostile acts in cyberspace would be treated just like any other threat to the country.
The hacking attack on Lockheed may have compromised the safety of SecureID tokens made by EMC Corp, while that on Google targeted, among others, senior US government officials’ data.