ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Sony Data Breach

sony.com
Limited exposure
Verified breach Passwords exposed
Accounts exposed 37,103
Breach date 02 Jun 2011
Added to tracker 04 Dec 2013
Data classes 8

What happened

In 2011, Sony suffered breach after breach after breach โ€” it was a very bad year for them. The breaches spanned various areas of the business ranging from the PlayStation network all the way through to the motion picture arm, Sony Pictures. A SQL Injection vulnerability in sonypictures.com lead to tens of thousands of accounts across multiple systems being exposed complete with plain text passwords.

Exposed data

Dates of birth Email addresses Genders Names Passwords Phone numbers Physical addresses Usernames

Recommended actions

  • Change your Sony password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Sony โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP