A Very Bad Day for Sony

Think back to the worst business news you’ve ever gotten. Perhaps it was about a large client who went belly-up, still owing you a lot of money. Maybe you heard that your top salesperson just bolted to your largest competitor and you realized she never signed a non-compete. Or perhaps, my biggest fear, your spouse told you that her brother “really, really needs a job and it will just be a few months until he gets back on his feet.”
Yep, bad news for sure. But the townspeople didn’t swarm your offices with pitchforks and torches, calling for your head.
While a storming-of-the-castle event has not yet happened at Sony headquarters, losing 70 million PlayStation accounts has caused more than a bit of excitement. There is also a reported Internet auction of 2.2 million of those accounts, with many reports of compromised credit cards already. Now that is bad business news.
I have absolutely no advice as to what Sony should do at this point. Entering into the WSEPP (Web Security Executive Protection Plan) comes to mind. Sony is nose deep in alligators. Seriously, however, I do expect Sony will continue to be the class act they have always been and do right by their customers.
The far more interesting back story is the report that Sony was hacked because it prosecuted famous Black Hat hacker icon George Hotz for distributing information on how to modify (jailbreak) PlayStation consoles.
Many would argue that Hotz’s actions were no big deal; George is part of the hacker community whose members regularly compete in underground jailbreak competitions to break into new devices (e.g., smartphones, game consoles, video recorders) for the thrill of being ‘first.’ Unlike most vendors, however, Sony chose to prosecute George in a very public and messy legal battle. While George disavows any connection with this latest breach (what else would he say?), the hacker community is pretty vocal that his prosecution is the reason behind one of the largest data breaches in history.
Robin Hood and Bonnie and Clyde may come to mind, until you realize that millions of innocent PlayStation users are having their credit card information auctioned off, with perhaps that many users being targets of identity theft.
Should this worry you?
Yep, on two fronts.
First, none of us know when we will be cannon fodder in the battle of hacker titans. Second, whether you like it or not, you may be your brother’s data keeper. The implicit trust relationship that exists between the customer and any website that collects data is a responsibility that needs to be taken very seriously. If not 2 million credit cards, then maybe 500 email addresses. If stolen, each could have a detrimental effect on your clients.
My advice: think about web security and look into data breach insurance.
Concerned about the security of your customer data? Visit our homepage to submit your website for a free vulnerability review and find out how we can protect your website from being caught in the crossfire of hacker warfare.
May 14, 2011 at 2:44 pm, Wade said:
I would really like to thank you so much for that job you have made in writing this post. I am hoping the same most effective work by you later on as well.
May 18, 2011 at 5:52 pm, Man said:
Quality tips! I have been looking for everything like this for a while now. With thanks!
May 19, 2011 at 1:22 pm, Val said:
Saved, I really like your blog!