The hackers likely behind the recent Sony attacks decided to publish the stolen personal information of 2,500 people online.
I've got some good news and some bad news. Here's the bad news: The hackers that were probably behind the attacks on the PlayStation Network and Sony Online Entertainment recently published a horde of stolen personal information online. The good news: It was evidently something that anyone could just look up in a phonebook.
Reuters reports that the hackers uploaded the names and partial addresses of 2,500 Sony sweepstakes contestants to a website. The sweepstakes occurred all the way back in 2001, so the information was largely outdated. The published data did not include credit card information, passwords, or anything else more useful to the criminal underworld.
"The website was out of date and inactive when discovered as part of the continued attacks on Sony," Sony told Reuters in a statement. The website was immediately taken down and was apparently controlled by Sony.
While it sucks to have to try and remember if we entered one of Sony's contests back in 2001, this incident seems like it could have been a lot worse. Names and addresses are easy to obtain even for those of us that don't have the ability to maneuver through a firewall using a kernel vulnerability. The move looks like more of a taunt than anything else, but I just hope that the hackers stick to publishing sweepstakes information from 10 years ago and stay away from the harder stuff.
*Edit* This information may not have been posted by the hackers that previously attacked Sony, as it was believed to be accessible on a public, unsecured server.