Hackers claimed Thursday to have compromised more than one million passwords, email addresses and other information from SonyPictures.com in the latest cyberattack on the Japanese electronics giant.

The claim was made by a group of hackers calling themselves "Lulz Security," who published a number of files online containing lists of thousands of stolen email addresses and passwords.

"We recently broke into SonyPictures.com and compromised over 1,000,000 users' personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts," Lulz Security said.

"Due to a lack of resources on our part we were unable to fully copy all of this information," the group said. "In theory we could have taken every last bit of information, but it would have taken several more weeks."

To "prove its authenticity," the group posted lists of thousands of stolen Gmail, Hotmail, AOL, Yahoo and other email addresses and passwords on Pastebin where they were publicly accessible.

Sony, whose online services have been targeted by a series of cyberattacks over the past few weeks, said it was investigating the latest alleged breach.

"We are looking into these claims," Sony Pictures Entertainment executive vice president Jim Kennedy said in a statement to AFP.

SonyPictures.com features movie trailers and information about films and television shows and also allows users who sign up to receive email updates.

Lulz Security, the group which claimed the attack on SonyPictures.com, said the data theft exploited one of the most "primitive and common vulnerabilities."

"Why do you put such faith in a company that allows itself to become open to these simple attacks?" Lulz Security said.

"What's worse is that every bit of data we took wasn't encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it's just a matter of taking it," the group said. "This is disgraceful and insecure: they were asking for it."

A loose-knit "hacktivist" group known as Anonymous began staging attacks on Sony's online services in April in retribution for its legal action against hackers who cracked PlayStation 3 defenses to change console operating software.

Anonymous acknowledged carrying out distributed denial of service (DDoS) attacks but denied involvement in any data theft or the latest attack by the group calling itself Lulz Security.

In a typical DDoS attack, a large number of computers are commanded to simultaneously visit a website, overwhelming its servers, slowing service or knocking it offline completely.

Sony's PlayStation Network, its Qriocity music streaming service and Sony Online Entertainment were among the services targeted by hackers.

The company later suffered attacks on websites in Greece, Thailand and Indonesia and on the Canadian site of mobile phone company Sony Ericsson.

According to Sony, 77 million PlayStation and Qriocity accounts have been affected along with 25 million Sony Online Entertainment accounts, bringing the total to more than 100 million and making it in one of the largest data breaches ever.

Sony said Thursday that it has restored PlayStation Network services everywhere except Japan, Hong Kong and South Korea and partially resumed Qriocity.

Sony has estimated that the cyber attacks could cost it 14 billion yen ($172 million), not counting compensation claims.

earlier related report
Sony begins making amends for PSN hack
San Francisco (AFP) June 3, 2011 - Sony on Friday began offering free videogames and virtual goods to members of its PlayStation Network in a bid to make amends for hackers breaking into the online entertainment service.

A "Welcome Back" program unveiled in North America lets network members with PlayStation 3 consoles pick two free videogames from a five-title list including "inFAMOUS" and "LittleBigPlanet."

Network members with PlayStation Portable handheld gaming gadgets can chose two of four titles, with options including "Killzone Liberation" and "ModNation Racers."

Sony also offered PSN members a free month of access to its PlayStation Plus subscription service featuring game software, discounts on titles, and exclusive digital content.

The apology package also included 100 virtual items from a PlayStation Home shop disabled along with PSN and Qriocity music-streaming service after hackers looted user information from Sony's systems.

"Today, we're excited to launch the Welcome Back program to thank you for your loyalty," PSN senior director Susan Panico said in a post at the PlayStation blog.

The program launched on Friday and free content will be available through July 3, according to Panico.

Welcome Back packages were to vary based on regions.

Sony on Thursday had restored PSN services everywhere except Japan, Hong Kong and South Korea, after being targeted in a massive online attack that prompted the Japanese company to shut down the network to harden defenses.

The consumer electronics titan has been under pressure to get its gamer network back in action, and users appeased, before the start of a major Electronics Entertainment Expo videogame gathering in Los Angeles next week.

Sony was attacked in one of the biggest data breaches since the advent of the Internet, in which the user names, passwords, addresses and birth dates of more than 100 million people may have been compromised.

The company later suffered attacks on websites including in Greece, Thailand and Indonesia, and on the Canadian site of mobile phone company Sony Ericsson.

On Thursday, a group of hackers calling themselves Lulz Security claimed to have compromised more than one million passwords, email addresses and other information from Sony movie site SonyPictures.com.

They published a number of files on the Web containing lists of thousands of stolen email addresses and passwords.