Categories: SecurityWorkspace

Second Alleged LulzSec Sony Hacker Arrested

An alleged member of the LulzSec hacktivist group has been arrested in the US in an investigation into last year’s hack of Sony Pictures Entertainment’s database.

Sony was pummelled by cyber attacks last year, the most significant one targeting its PlayStation Network (PSN) in April, which saw data of 77 million users compromised. In June, it emerged SonyPictures.com was hacked. LulzSec claimed to be behind the attack, saying it had published several lists with extracts from over a million compromised user accounts.

Raynaldo Rivera, a 20-year-old from Arizona, was taken into custody in Phoenix Arizona yesterday, the FBI said, charging him with conspiracy and unauthorised impairment of a protected computer. He could be jailed for up to 15 years, according to various reports.

Breaking LulzSec apart

The FBI has been cracking down on the hacktivist group. Another alleged LulzSec member, 24-year-old Cody Kretsinger, was arrested last year and pleaded guilty to charges relating to the same hit on Sony.

Hector Xavier Monsegur, known online as the leader of LulzSec “Sabu”, was recently given six months of semi-freedom for his contribution to the demise of the hacker collective, before being sentenced on 12 counts of violating federal law. Monsegur’s trial was delayed as he became an informant for the FBI after being arrested in June 2011, but he could still be handed 124 years in prison if found guilty of all the charges.

It is believed the Sony Pictures website was hacked with a simple SQL injection hit. LulzSec boasted about attacking the site over Twitter. “From a single injection we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?”LulzSec said.

Other Sony businesses, including Sony BMG Music Entertainment, Sony Qriocity, the Sony-run Japanese service provider So-net and the Canadian Sony Ericsson eShop were all believed to have been hacked, as was a company server in Thailand.

Yet the Information Commissioner’s Office (ICO) has not issued a decision on security practices at the company, having announced an investigation in April 2011, even though it told TechWeekEurope on 28 March this year that a decision was expected in around six weeks from that date.

The ICO has repeatedly told this publication that a decision is imminent, but nothing has emerged. Sony has not responded to a request for comment on a delay.

How well do you know Anonymous? Take our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

Northvolt Mulls US Bankruptcy Protection – Report

Troubled battery maker Northvolt reportedly considers Chapter 11 bankruptcy protection in the United States as…

21 hours ago

FTC Plans Investigation Into Microsoft Cloud Business – Report

Microsoft's cloud business practices are reportedly facing a potential anti-competitive investigation by the FTC

23 hours ago

Programmer Sentenced To Five Years In Prison For Bitcoin Laundering

Ilya Lichtenstein sentenced to five years in prison for hacking into a virtual currency exchange…

1 day ago

Hate Speech Watchdog CCDH To Quit Musk’s X

Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…

2 days ago

Meta Fined €798m Over Alleged Facebook Marketplace Violations

Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…

2 days ago

Elon Musk Rebuked By Italian President Over Migration Tweets

Elon Musk continues to provoke the ire of various leaders around the world with his…

2 days ago