[Jump to update on 6/4/2011, sensitive accounts compromised] Today, Lulz Security (LulzSec) successfully hacked Sony Pictures’ databases using a simple SQL injection by exploiting a basic security gap. Last month LulzSec hacked Sony Music Japan using a SQL injection, soon after another group used the same method to attack Sony BMG Greece! The big deal with today’s hacking of Sony Pictures’ database is that at least 1 million of the 4.5 million records that were discovered in the database hacks contain sensitive user information – we’re talking passwords, e-mail addresses, street addresses and usernames. All this information is currently available to the world right now, and as long as the site stays up it’s on the LulzSec website. Too bad for you if your credentials are in those 4.5 million records – but don’t sit on your hands and wait around for something worse to happen (change your passwords because no one else will help you!).