Hackers Say They've Breached "All Sony Systems", Threaten To Sell Stolen Data

L4sBot@lemmy.worldmod to Technology@lemmy.world – 205 points –
thegamer.com

Hackers Say They've Breached "All Sony Systems", Threaten To Sell Stolen Data::Hackers are threatening to sell data from Sony, saying it has gained access to "all" of its systems.

31

Can the hackers change the region on my account for me? Sony won't let me change it.

If they can reset my battlenet 1 year lockout from signing in and out that'd be great too

All of Sony only contains 6000 files? I always thought they were a giant multinational, who knew Sony was just two guys running the operation out of their apartment?

All the user data is stored in a single json blob

Lmao could you even imagine? Gigabytes of json 💀

Imagine parsing that 💀

No need to imagine. A lot of dump (map data, user data, etc) can reach the gigabytes and terabytes and are done in JSON. Good tools will stream the data and filter it anyway (like jq). You don’t need the whole file in memory.

They run jq queries in shell to get user data

I'd bet that they use cloud based file shares and these hackers have not actually breached all of their systems. Either that or they're saying only 6000 files contain interesting data that would be worth leaking.

Last time they were hacked, that I know of, it was a simple SQL injection that did them. Sony seems to be hiring lowest experienced people around or simply doesn't care about security, or both. Am not surprised by anything anymore related to Sony.

Why is Sony particularly bad at security?

I left their entire ecosystem forever after they were hacked multiple times during PS3 era, and were still too arrogant or lazy to add 2FA to accounts. (My bank at the time wouldn't even allow my card to be added to PS store because of rampant fraud.) They were later hacked by (checks notes...) North Korea, who spilled their corporate secrets (and pissed of Sandler, Fincher, others).

Not to mention rootkits, insane DRM (see Cinavia), Blu-ray shady business (looks at price of BD players now), proprietary everything (memory cards, cables), focus on gimmicks, the horrendous design of PS5 (lol), etc.

Can't really hire the same quality engineers as big tech I think.

I work in big tech.

IMO, any company could happily hire FAANG quality engineers if they wanted to. They just need to offer the same kind of perks that you'd get from the likes of Meta or Google: career growth, easy team transfer with visa sponsorship, and some solid RSU's.

In my experience, the engineers in big tech are no better. They're just the ones that got through the process, and stayed because of the benefits. I'm a tech lead in my team, and I'm a self-confessed fucking idiot. The Harvard and Oxbridge grads I work with are no better than the ones I worked with that went to the local college.

I genuinely believe that visa sponsorship and remote/flexible working arrangements would be enough to entice many FAANG engineers away from servitude, and towards whatever company offered.

You can outsource and they're also huuuuuuge. If you think Microsoft need a trillion dollar cap to cover cover security you're wrong. This is down to simple greed and penny pinching.

I'm pretty sure they were one of the original "Big Tech" companies before the markets got flooded with cheap consumer electronics from China.

They got my PS3?

I just realized I own a Walkman.

It's never ends, this shit!

I have two walkmans, one is a newer android model that I do not connect to the internet (NW-A306) and one is one that literally cannot connect to the internet or do anything besides play music and function as a DAC (WM1A).

People ITT: haha sony stupid at skurity

Also people ITT: what’s upnp?

And now Jim Ryan has stepped down this morning, what did they find on him in there, lol.

I can't understand why Sony don't get the best IT security tech installed? This doesn't need to happen.