14 DAY TRIAL // The number of compromised Sony websites keeps growing by the day, with a new breach on one of the company's European web properties being announced just hours ago.
A hacker who goes by the name of Idahc claims to have obtained access to the apps.pro.sony.eu database which contained the personal information of around 120 developers.
Extracted data includes usernames, passwords, mobile phone numbers, email addresses and, in some cases, websites.
Even though the passwords were not stored in plain text, they were hashed with MD5, an algorithm that is known to be insecure. They weren't "salted" either.
As a result, the hacker managed to recover and include most of them in his public data dump on pastebin.com. Judging by the screenshot released by Idahc, the method of compromise was SQL injection, the same type of attack that led to many of Sony's websites to be hacked recently.
The electronics giant is most likely aware of this most recent incident because the apps.pro.sony.eu website has been taken offline.
This is Idahc's second Sony-related compromise. Last week the hacker broke into Sony Ericsson's Canadian eShop and leaked parts of the customer database.
The hacker claimed at the time that he also had access to credit card details stored in the database, but didn't proceed to extract them because he is not a black hat.
Idahc says he's from Lebanon and he's doing this just because the hackers vs. Sony game is fun. "I was Bored and I play the game of the year : 'hacker vs Sony'," he writes in his announcement.
This new attack comes one day after a hacking group called LulzSec hacked into SonyPictures.com and stole the account information of one million customers, as well as other sensitive data.
