(guardian.co.uk) A suspected member of the clandestine hacking group LulzSec has been arrested in Arizona by the FBI on charges of taking part in an extensive breach of the Sony Pictures computer system.
A federal grand jury indictment charges Cody Kretsinger, 23, with conspiracy and the unauthorised impairment of a protected computer in connection with the attack in May and June.
LulzSec, an underground group also known as Lulz Security, at the time published the names, birth dates, addresses, emails, phone numbers and passwords of thousands of people who had entered contests promoted by Sony.
“From a single injection we accessed EVERYTHING,” the hacking group said in a statement at the time. “Why do you put such faith in a company that allows itself to become open to these simple attacks?”
Hackers previously had accessed personal information on 77m PlayStation Network and Qriocity accounts, 90% of which belonged to users in North America and Europe, in what was then the biggest such security breach in history.
The nine-page indictment said Kretsinger and co-conspirators obtained confidential information from Sony Pictures’ computer systems using an “SQL injection” attack against its website, a technique commonly used by hackers to exploit vulnerabilities and steal information.
Kretsinger, alleged to have called himself “recursion” online, helped post information he and his co-conspirators stole from Sony on LulzSec’s website and announced the intrusion via the hacking group’s Twitter account, the indictment said.