Lulzsec hacker pleads guilty over Sony attack

Lulz Security man in hat icon
Image caption Lulzsec were known for carrying out attacks for the "lulz", a variation of "lol", meaning "laugh out loud"

An American member of hacking group Lulzsec has admitted attacking the Sony Pictures website.

The admission of Raynaldo Rivera, of Arizona, emerged in court documents detailing a plea agreement he has reached with prosecutors.

The attack made the database behind Sony's website surrender the names, addresses, birth dates and passwords of thousands of account holders.

Lulzsec then posted the data on a separate widely accessible website.

The attack on Sony was one of many designed to show up the company's poor security practices. The Lulzsec hackers did not profit from the data they stole, but court papers suggest clearing up after the attack cost Sony $605,000 (£376,550).

Rivera attacked the Sony site through a third-party re-directing or proxy service called HideMyAss. Information about his identity was gained from this service via a court order and led to his arrest in August 2012 .

Information gathered during Rivera's arrest led police forces in the US and other countries to track down other members of the Lulzsec group.

The Lulzsec group is a loose-coalition of hackers associated with the protests co-ordinated by the Anonymous collective. Lulzsec was very active in 2011, but the arrest of many of its members has forced it to keep a lower profile.

As well as pleading guilty to the attack, the plea agreement also requires Rivera to pay compensation to Sony. He also faces spending up to five years in prison and could have to pay a fine of $250,000 (£156.000).

More on this story