The incident follows a similar one in April that exposed information on 100 million consumers.
Hackers continued to punch holes in Sony Corp.’s security this week, including a breach yesterday of the Sony Ericsson e-commerce site in Canada. Hackers reportedly gained access to customer data, including names and e-mail addresses, for at least 2,000 e-retail customers. The site sells Sony Ericsson mobile phones and accessories.
Visitors to the e-retail portion of the Canadian site, http://ca.eshop.sonyericsson.com, received a message Wednesday indicating the site was offline or they were intermittently routed to Sony Ericsson’s U.K. e-retail site to make purchases. Sony Ericsson did not immediately respond to requests for comment.
A self-described “Lebanese grey-hat hacker” with the screen name Idahc claimed responsibility for the breach and posted nearly 1,000 of the records online. A file containing some of the names and e-mails taken from the e-retail site appear on The Hacker News, a web site that tracks hacks. The file includes a message reading: “I hacked the database of ca.eshop.sonyericsson.com with a simple sql injection (LOL). Hackers vs. Sony. We are the winners.” An SQL injection is a hacking technique that takes advantage of web programming errors by inserting the hacker’s instructions into data entry fields on a web site.
Sony is still coming to terms with a hack uncovered in April that resulted in criminals gaining access to information on more than 100 million customers of its gaming properties. Sony began bringing its gaming properties back online last week.