Sony warned that personally identifiable information for an additional 25 million customers was exposed after discovering a massive security breach extended to its online computer games service. The intrusion on Sony Online Entertainment systems exposed data for 24.6 million users, including their name, address, email address, …
Security by obscurity?
That trick never works, Bullwinkle ...
"No wonder Sony is looking for a senior application security analyst to join its team."
They couldn't pay me enough ... And I wouldn't want it on my c.v. anyway.
Are you sure? Being "the man who got Sony to be secure about user data" would probably make one immotal/
Nah. You wouldn't be able to crow about it ... Sony's NDAs are quite draconian.
"Main Credit Card Database"?
So.... how long until the announcement of a minor breach of the "Main Credit Card Database".
I wonder if they regret going after the PS3 hacker now....... Nah, they probably don't see these as even remotely related.
As others have frequently pointed out...
Hardware hacker != Professional mega-breacher
(Hardware hacker != Professional mega-breacher) != !cause_and_effect
Sony used the expensive litigation to bully the PS3 hacker into submission, irrespective of the law.
Anonymous (understandably) took exception to this and threatened Sony.
Sony were therefore expecting a huge DOS.
An ideal time for a criminal hack, because Sony would likely misinterpret the seriousness.
The only question is whether this was already planned and just had lucky timing, or was planned as a result of the situation.
There's a good article on this...
... by Bob Cringely.
See http://www.cringely.com/ and the story called "Til death do us part: Sony and the credit card companies".
Time to improve security and prosecute the hackers
Sony and I'm sure many other corporations need to improve security and a full scale effort needs to be implemented to prosecute all of these hackers.
You sure a bit of prosecuting of Sony wouldn't concentrate their minds a bit if it was found that their measures were inadequate?
>> compensation of one day for each day the system is down
Or put more simply: they won't bill you for Sony network access on days when their network is inaccessible. Truly a paradigm shift, refraining from dunning customers for work not actually delivered...
They got pwned again?
is it me, or is this fukushima all over again?
Re: Deja Vu
Hardly, while the PR in the case of Fukushima failed pretty badly, the actual damage done was limited and the majority of the information they had (what little it was) was in fact made pubic as soon as they could do so.
I'm not sure if there is a parallel here at all... When did last someone lose 100 million people worth of data? In a hack that seems to have lasted for days and took days more before any real information was disclosed?
This is an unprecedented level of fail.
Can anybody imagine what will happen when databases of major companies like Google or Facebook will be hacked? These companies see and aggregate almost anything we are doing online, hence hackers will know everything about everyone. It looks like the ultimate target for hackers. Control and protect your online privacy with features like breadcrumbs Bogus Identity, one day it will pay off.
One would hope
That Google has some pretty strong security measures in place, if nothing else than to protect their own commercial data!
Not so necessary for Facebook as pretty much everything is available anyway.....
Depends on your perspective. Both rape and pillage their users' data, but the scariest process (face tagging) is actually safe in Farcebook as it at least tells you that it has happened and allows you to undo it. Google will never let you know.
However, with both you are but one programming mistake away from disclosure..
How long will it be before...
Sony publishes their end of year figures and points to a massive drop in profits which they will blame on piracy and hacking rather that their own lack of a creditable IT Policy.
American companies have Sarbanes Oxley which can lead to jail time if not adhered to.
Sony has a policy which they just make up as they go along.
Not a Sony customer and certainly not likely to be in the future.
Remember to vote everybody or things will never change.
I wonder what would happen if said hacker individual or community came out and said "we will make all data accessable unless Sony opens up the PS3", Sony would obviously say no but at the expense of making everyone unhappy?
Anyone think Sony would cave? Just putting the question out there... BOOM!
According to Sony, an "outdated database" with card info does not need the same protection as the "main database". Why even have the "outdated database" out there!.....Bit ME!
For me it isn't that the world renowned computer infector was hacked, which in itself was bad enough, it's the fact that they sat on the information knowing that there was a risk of loyal customers having their lifes savings spirited away as a result of that silence.
Second Sony bomb a dire warning for U.S.
Clearly, we're in the midst of a raging but undeclared cyber war, and the window is rapidly closing on our options.
my one hope
is that Sony's servers were all hit with a root-kit virus that allowed the initial compromise. That would just be good karma... and bitter irony.
Major triumph for Sony security
Sony in the doghouse
Now it's over 100million customers information at risk the bad news gets worst the crisis deepens I wonder how long it will take Sony to dig itself about of this mess. Sony better work fast to save it's falling reputation or it is curtains for that company.
New definition of the word FAIL
To do a: SONY
- Vid Reg bloke zips through an iPHONE 6 queue from ZERO to 60 SECONDS
- Anal-ysis Buying memory in the iPhone 6: Like wiping your bottom with dollar bills
- Teardown Pop open this iPhone 6 and see where the magic oozes from ... oh hello again, Qualcomm
- Competition Your chance to WIN the WORLD'S ONLY HANDHELD ZX SPECTRUM
- Analysis Apple's warrant canary riddle: Cock-up, conspiracy, or anti-Google point-scoring