The Sony PlayStation network breach has revived Australia’s dormant security disclosure debate. Rob Forsyth, A/NZ managing director of Sophos, says the government must legislate for mandatory disclosure, noting that it has been proposed in a large number of privacy recommendations. If personally identifiable information is lost …
Aus laws indeed do need to be updated: Clear and fair copyright laws, disclosure, laws against information collection, allowance for civil/criminal action against companies with uncompliant security proceedures.... the list goes on.
I also have to wonder what other countries are in a similar situation?? What about the US or the UK? Have they got such laws in place?
Don't use real name or birthday
This is why I fake my name and birthday when non-essential systems 'require' I give them information.
And this is not really me writing this...
Never have and never will own a console system (if you can actually own one).
All you have to do is wait and they bring themselves down.
If it turns out
that Sony neglected to encrypt personal data then they should be thrown to the wolves. It is simply unforgivable in this age and how easy it is to implement should it turn out that they have not done this.
I smell blood....
Australia's merchants are suffering from tens if not hundreds of millions of dollars in losses because most of the major banks won't do credit card address verification and claim its a privacy issue yet some overseas banks do provide it. Most of the major credit card processors can't even check CVC codes.
To take as long as they did to inform the users firstly that it was a hack, then another delay in informing them that their personal information and possibly CC details was taken. Sony has opened themselves up to a world of hurt if (sorry did I say if I meant "when") credit card fraud starts erupting from this