Second LulzSec member pleads guilty to Sony hack

A second suspect has admitted involvement in high profile attack last year against Sony Pictures website by notorious hacking crew LulzSec.

Passwords and personal information leaked as a result of the breach in May 2011. The site was breached using an SQL injection attack, a common hacking technique, to extract personal information (names, birth dates, addresses, emails, phone numbers and passwords) of individuals who had entered Sony competitions. At least 38,000 records were exposed.

Raynaldo Rivera (AKA "neuron," "royal," and "wildicv"), 20, of Tempe in Arizona, appeared in court last week to plead guilty to involvement in the hack. Another suspect, Cody Kretsinger, 23, of Phoenix, Arizona, pled guilty to similar computer hacking and conspiracy offences back in April as part of a similar plea-bargaining agreement.

Both are due to be sentenced in next year.

Rivera used the HideMyAss anonymising proxy service in an attempt to disguise his IP address while he carried out reconnaissance work, probing Sony Pictures' website for security vulnerabilities. HideMyAss turned over his IP address after the authorities issued a court order, ultimately exposing Rivera's identity. ®