Apparently someone really has it in for Sony, because just as Sir Howard Stringer was probably kicking back thinking that the Playstation Network hacking nightmare was finally behind them, a group called LulzSec has hacked into the Sony Pictures website, stealing personal information for about 1 million users in the process.
LulzSec is the same group that hacked into the PBS website last week, posting a claim that Tupac Shakur was alive and well and living in New Zealand.
Unlike with the PSN site hack, the nice folks at LulzSec have offered proof of their handiwork, releasing the email addresses and passwords for about 39,000 users, and including the home addresses and dates of birth for about 12,500 more. They also released personal data for about 600 users of the Sony BMG Netherlands website.
LulzSec says the files were unencrypted, and accessed using a simple SQL injection attack. Evidence suggests the data was collected as a part of several sweepstakes contests that Sony has run in the past.
Apparently LulzSec were a little pissed off that nobody at Sony noticed as they were downloading their secret files, so they sent them the friendly tweet shown above to let them know. Who says hackers don't have good manners?
For their part, a Sony spokesperson said "We are looking into these claims." Great, may I suggest running some help wanted ads for Internet security experts?