Sony Portugal breached

[altonius <altonius () gmail com>]

The same Lebanese hacker who targeted Sony Europe on Friday has now
dumped a database from Sony Portugal.

The hacker claims to be a grey hat, not a black hat, according to his
post to pastebin.com.

"I am not a black hat to dump all the database I am Grey hat"

Instead of dumping the entire database like many previous Sony
attackers, idahc only dumped the email addresses from one table in
Sony's database.

He claims to have discovered three different flaws on SonyMusic.pt,
including SQL injection, XSS (cross-site scripting) and iFrame
injection.

http://nakedsecurity.sophos.com/2011/06/09/sony-portugal-latest-to-fall-to-hackers
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/