Days after taking over the social media accounts of US television network Home Box Office (HBO), infamous hacker group “OurMine” has hit again, this time claiming to have hacked Sony PlayStation’s official Twitter and Facebook accounts. The hacker group is known for breaching into high-profile figures and companies’ social media accounts, including, those of the HBO.
According to a report in IBTimes.co.uk on Monday, in a series of posts, OurMine wrote: “Hi, it’s OurMine, we are a security group, if you work at PlayStation then please contact us.” The hacker group hacked the PlayStation Brasil’s account also and posted similar messages, trying to get the hashtag #PlayStationLeaks trending.
According to an OurMine member who was quoted in the report, they pulled off the breach using the gaming giant’s Sprout Social management account. OurMine also claimed that the PlayStation Network database was also potentially compromised. If true, it would mean that the user registration information such as names and email addresses can be exposed at the will of the hackers.
However, the hacker group has said it was not intending to release the data, claiming “we are a security group”. “We choose the people who have bad security to hack them and notify them about their security,” the hacker group was quoted as saying. Sony quickly regained access to the social media accounts and the posts have since been taken down.
“A pre-emptive move of running a bug bounty program may have aided Sony in avoiding the hack as it does for organisations that handle precious data including Facebook, Google and even the US Department of Defence running ‘Hack the Pentagon, Army and Air Force’ programmes,” Ankush Johar, Director of BugsBounty.com told IANS. BugsBounty.com is a crowd-sourced security platform for ethical hackers and organisations.
OurMine was also responsible for hacking the social media accounts of Facebook CEO Mark Zuckerberg, Google’s Sundar Pichai and Twitter’s Dick Costolo last year. They have also not spared the websites like Variety, TechCrunch and BuzzFeed. For Sony also, this is not a new experience. The Playstation service was crippled for a month in 2011 after sensitive information of about 77 million subscribers was exposed during a massive cyber attack.
“After the massive 2011 hack of Sony’s PlayStation Network, hackers claim that they’ve gained access to their data again,” Johar said. “Unfortunately, we’ve noticed in a lot of cases that social media credentials are written in plain text in configuration files that are left unprotected,” he added.