A heads up before we begin: in case you’re unfamiliar with the lulz, you should check out the Metaviews glossary entry on the term (made by yours truly).

Through a series of clever hacks, the folks at Lulz Security have captured our collective imagination and stolen some of the spotlight from Anonymous. LulzSec first made headlines in May for hacking Sony Pictures, but they’ve since penetrated systems belonging to PBS, Nintendo, Britain’s National Health Service and an FBI affiliate site known as Infragard.

Declaring themselves to be “pirate ninjas”, LulzSec’s hacks often seem more like amusing pranks than serious security breaches. They issue hilarious press releases via twitter or Pastebin, deface websites with internet memes and, in the case of the PBS hack, they spread a false news story claiming deceased rappers Tupac and Notorious B.I.G. were alive and well in New Zealand. Given such a tone, it’s not all that surprising that CBS assumed that LulzSec was behind the recent “Hashbrown Hoax” hack on the Conservative Party of Canada website (in reality, a hacker calling themselves @LulzRaft claimed responsibility, but they seem to be at least inspired by LulzSec).

When security firm Black & Berg offered a $10,000 reward to the first hacker(s) to deface their site, LulzSec did it with ease, but declined to collect, saying “Keep your money. We do it for the lulz.” This commitment to the ethic of lulziness, combined with their sense of humour seems to have won over the hearts and minds of the internet. LulzSec has picked up over 100,000 twitter followers in the past few weeks and more than a few security analysts have professed their admiration for the group, hailing them as a return to playful hacking of days past.

Now, if you’re a company like Sony, this is bad news. What does it say about your brand when people are sympathizing with the perpetrators instead of the victim?

However, it’s not just those companies targeted by hackers that have cause for concern. The amount of attention garnered by LulzSec -- as well as by Anonymous and to a lesser extent, 4chan -- is indicative of a burgeoning acceptance of the internet for what it actually is: an end to end anarchic network open to anyone with the right skills or tools. This is a troubling development for firms that traffic and trade in personal or financial information online. With the advent of e-commerce, companies expended substantial rhetorical energy convincing people that the internet was a safe place to share information and shop, and the increasing frequency of hacks that expose personal data are alerting us to the emperor's nakedness.

When LulzSec hacked Sony, they nabbed one million user accounts and passwords and published a sample of them. The data included names, email addresses, passwords and home addresses. Critics pointed out that many of the users appeared to be seniors, and by publishing their passwords, LulzSec was exposing them to more malicious activity, especially seeing as older people are more likely to use the same password for everything. LulzSec quickly responded, saying “I hear there's been some funny scamming with jacked Sony accounts. That's what you get for using the same password everywhere. Hey innocent people whose data we leaked: blame @Sony.”

Although the response is callous, and the choice to leak personal data makes their hats a little blacker, LulzSec is still right, and their answer points to the importance of media literacy in the contemporary era. Computer security will forever be an arms race (and one that firms and governments seem to be losing), and unless we’re willing to accept fairly draconian changes to the very architecture of the internet, we’re going to have to learn to be savvier with our information. After all, what’s easier: using a few different passwords, or tracking down and prosecuting everyone involved with LulzSec and Anonymous?