In what seems to be a neverending nightmare it appears that the website of Sony BMG in Greece has been hacked and information dumped.
Sony said that it discovered a security breach affecting 8,500 user accounts in a music entertainment website in Greece.
Personal data including names, phone numbers and e-mail addresses may have been stolen, Sony added. No credit card numbers have been affected.
"It is nearly impossible to run a totally secure web presence, especially when you are the size of Sony," said Chester Wisniewski is a Senior Security Advisor at Sophos Canada. "As long as it is popular within the hacker community to expose Sony's flaws, we are likely to continue seeing successful attacks against them."
It appears someone used an automated SQL injection tool to find this flaw. It's not something that requires a particularly skillful attacker, but simply the diligence to comb through Sony website after website until a security flaw is found.
So users of SonyMusic.gr, are highly recommended to reset their password.
Since late April, Sony has experienced a complete loss of customer records from its the PlayStation Network (PSN) database and the Sony Online Entertainment (SOE) database.
Last week, the PSN network was briefly reactivated and then shut down after yet another security flaw was discovered. A Sony server had been also hacked
to host a website for an alleged phishing scam targeting an Italian credit card company and its users.
But Sony's headaches are not finished here.. So-Net, the Internet service provider unit of Japan's Sony, alerted customers an intruder broke into its system and stole virtual points from account holders.
Sony faces a new kind of challenge to its reputation after acknowledging security breaches affecting millions online accounts.
Sony said it had spent 14 billion yen ($170 million) to cover costs that included identity theft insurance for customers, improvements to network security, free access to content, customer support and an investigation into the hacking.