Sony hackers 'shared' stolen employee login data
- 30 December 2014
- From the section Technology
Data that helped hackers access Sony's internal network came from another group targeting the firm's gaming network, reports the Washington Post.
In an interview, a self-proclaimed Lizard Squad member said it had given stolen data to the Guardians of Peace.
The GoP has carried out several attacks on Sony in a bid to halt the release of comedy film The Interview.
By contrast, the Lizard Squad targeted Sony's PlayStation network knocking it offline on Christmas Day.
The man interviewed by the newspaper appears to be one of the two members who spoke to the BBC last week.
In the interview, the self-identified senior member of Lizard Squad said his group knew people that were part of GoP. Despite the connection, the spokesman said Lizard Squad did not play a "large part" in the attacks the GoP mounted against Sony.
GoP's attacks involved exposing confidential information about many Sony employees and sharing thousands of emails sent between employees, film stars and movie makers.
The Lizard Squad member said his group "handed over some Sony employee logins" that were used by GoP to get its initial attack underway. The admission is the first acknowledgement by the Lizard Squad of its connection to GoP.
The information throws some doubt on the theory that North Korea was behind the attacks on Sony's internal systems. The state was accused of being behind the hack by the FBI because The Interview is about a fictional American plot to kill North Korean leader Kim Jong-un, and Pyongyang has filed formal complaints about the film.
However, the Reuters news agency has reported that US investigators are exploring whether North Korea "contracted out" some of the work involved, which could explain how Lizard Squad formed links to GoP.
Lizard Squad members are all based in European nations, said the senior member.
The GoP attacks forced Sony to withdraw the film from its planned release, but it is now available to view online and is on show at some cinemas. It made about $15m (£9.6m) through downloads alone over its first three days of distribution.
The Lizard Squad spokesperson did not elaborate on how the group got hold of the login information for Sony employees. However, it is possible it found or uncovered them while searching for ways to attack the PlayStation gaming network.
The Lizard Squad has repeatedly attacked Sony's network and many others during 2014. On Christmas Day it managed to disrupt it and the Xbox Live network for hours leaving many gamers unable to log in.
The spokesperson said the attacks were carried out to expose the "massive security issues" many large companies suffer.
"The customers of these companies should be rather worried," they said.
The attacks on the PlayStation and Xbox networks have now stopped thanks to the intervention of tech entrepreneur Kim Dotcom. Instead, the group has switched its attention to the Tor network which has taken steps to limit the effect the Lizard Squad can have on the system.