Sony says hacker stole 2,000 records from Canadian site
Sony confirmed May 24 someone had hacked into its Web site and stole about 2,000 customer names and e-mail addresses.
Close to 1,000 of the records have already been posted online by a hacker calling himself Idahc, who said he is a “Lebanese grey-hat hacker.” Idahc found a common Web programming error, called an SQL injection flaw, that allowed him to dig up the records on the Canadian version of the Official Sony Ericsson eShop, an online store for mobile phones and accessories.
The hacker got access to records for about 2,000 customers, including their names and e-mail addresses and a hashed version of users’ passwords, according to a Sony Ericsson Mobile Communications spokeswoman. “Sony Ericsson has disabled this e-commerce Web site,” she said. “We can confirm that this is a standalone Web site and it is not connected to Sony Ericsson servers.”
Other than the names and e-mail addresses, no personal or banking information was compromised, she said. Sony Ericsson is a mobile-phone company run jointly by Sony and Ericsson.
Discover more from Chad M. Barr
Subscribe to get the latest posts sent to your email.