Sony Music Portugal Website Hacked, Email List Leaked

A Lebanese hacker who broke into several Sony web properties until now has leaked a list of email addresses allegedly extracted from the sonymusic.pt database.

The hacker, who goes by the online handle of "Idahc," claims to have identified three vulnerabilities on the Sony Music Portugal website which facilitate SQL injection and cross-site scripting (XSS) attacks.

The SQLi flaw can allow attackers to read information from the site's database and the hacker exploited it to extract data from a table called "email_utilizador."