It seems that hacking Sony’s assets has become a communal game in the hacker underground. Since the PSN hack, hardly a week went by without a hacker notifying the public about the latest hack of a Sony site and the compromise of user information.
And while the original attack seems to have been perpetrated by a gang that harvested the information in order to monetize it, the successive hacks appear to be executed “for the lulz” – i.e. to simply mess with a big corporation and to prove the hacker’s knowledge and ability.
The latest attack of that kind has allegedly been performed by a Lebanese hacker that goes by the handle “Idahc”, who claims to have hacked the database of ca.eshop.sonyericsson.com with an SQL injection.
To prove his success, he published part of the database he exfiltrated on pastebin.com. The records include users’ first and last names, email addresses and password hashes. According to Softpedia, Idahc also claims that he had access to information such as credit card details when he hacked into the database, but that he didn’t extract it because he is not a black hat.