LulzSec gets Sony again

We recently broke into SonyPictures.com and compromised over 1,000,000 users' personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts. Among other things, we also compromised all admin details of Sony Pictures  (including passwords) along with 75,000 "music codes" and 3.5 million "music coupons"

This is a statement released by the group. As you already know this is the same group who hacked PBS recently and posted a fake article claiming the rapper Tupac was still alive.

One file named Sony BMG Music Entertainment Belgium has this note :

"This target gave us LOLs as it provided internal release dates of records, bar-codes, sales reports, and plain-text Sony employee passwords."

They claim that this recent attack on Sony was a simple SQL Injection. 

Our goal here is not to come across as master hackers, hence what we're about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in  a company that allows itself to become open to these simple attacks?"

What's worse is that every bit of data we took wasn't encrypted. Sony stored over 1,000,000 passwords of its customers in plain-text, which means it's just a matter of taking it. This is disgraceful and insecure: they were asking for it."

All of what the group has said can be found on their Twitter page. They say that they will accept contributions in the form of BitCoin virtual currency that will be used to help them do more hacking. A few people have said on some IRC channels that because people use the same emails and passwords for multiple accounts they were able to get into others Facebooks and such.