Sony PlayStation suffers massive data breach

09:16, April 27, 2011      

Email | Print | Subscribe | Comments | Forum 

Sony suffered a massive breach in its video game online network that led to the theft of names, addresses and possibly credit card data belonging to 77 million user accounts in what is one of the largest-ever Internet security break-ins.


A visitor plays with a 'Playstation' at an exhibition stand at the Gamescom 2009 fair in Cologne in this August 22, 2009 file photo. (Photo/Agencies)


Sony learned that user information had been stolen from its PlayStation Network seven days ago, prompting it to shut down the network immediately. But Sony did not tell the public until Tuesday.

The electronics conglomerate is the latest Japanese company to come under fire for not disclosing bad news quickly. Tokyo Electric Power Co was criticized for how it handled the nuclear crisis after the March earthquake. Last year, Toyota Motor Corp was slammed for being less than forthright about problems surrounding its massive vehicle recall.

The "illegal and unauthorized person" obtained people's names, addresses, email address, birth dates, usernames, passwords, logins, security questions and more, Sony said on its US PlayStation blog on Tuesday.

The shutdown of the PlayStation Network seven days ago prevented owners of Sony's video game console from buying and downloading games, as well as playing with rivals over the Internet.

Alan Paller, research director of the SANS Institute, said the breach may be the largest theft of identity data information on record.

The breach is a major setback for the Japanese electronics maker. Although video game hardware and software sales have declined globally, the PlayStation franchise has been a steady seller and remains a flagship product for Sony.

Children with accounts established by their parents also might have had their data exposed, Sony said.

Sony said it saw no evidence credit card numbers were stolen, but warned users it could not rule out the possibility.

"Out of an abundance of caution, we are advising you that your credit card number (excluding security code) and expiration date may have been obtained," Sony said.

Analysts said that, while Sony has notified its customers of the breach, it still has not provided information on how user data might have been compromised.

"This is a huge data breach," said Wedbush Securities analyst Michael Pachter, who estimated Sony generates $500 million in annual revenue from the service. "The bigger issue with Sony is how will the hacker use the info that has been illegally obtained?"

Sony said it has hired an "outside recognized security firm" to investigate.

The company said user account information for the PlayStation Network and its Qriocity service users was compromised between April 17 and April 19.

Paller said Sony probably did not pay enough attention to security when it was developing the software that runs its network. In the rush to get out innovative new products, security can sometimes take a back seat.

"They have to innovate rapidly. That's the business model," Paller said. "New software has errors in it. So they expose code with errors in it to large numbers of people, which is a catastrophe in the making."

He suspected the hackers entered the network by taking over the PC of a system administrator, who had rights to access sensitive information about Sony's customers. They likely did that by sending the administrator an email message that contained a piece of malicious software that got downloaded onto his or her PC.

Source: Xinhua
 
 
     
 
BRICS Leaders Meeting 2011
 
Japan in aftershocks
 
     
 
 
 
  Weekly review  
 
April 20   Beijing-Shanghai high-speed rail to remove luxury seats
 
April 18   China undergoing shift into nation of consumers
April 18   Zhejiang checks food, raids illegal bun makers
April 19   SASS: Chinese students mentally healthier than Asian peers
April 23   The week in pictures
April 19   Build legal bulwark against moral decline
April 21   'China model' 30 years on: from home to abroad
April 21   Piano student's bloody crime heart-wrenching in China
April 18   China places firmer lid on home prices
April 19   China puts brake on economic bullet train
 
     
 
 

(Editor:张茜)

  • Do you have anything to say?

双语词典
dictionary

  
Special Coverage
  • BRICS Leaders' Meeting 2011
  • Focus On China
Major headlines
Editor's Pick
  • DPRK senior official meets former U.S. president Carter
  • Leaders of Italy, France discuss Libya, migrants at annual summit
  • No.32 turbine of Three Gorges power station starts water filling test
  • Shanghai witnesses high temperature in April
  • Shanghai auto show underway
  • Severe drought hits Qingyuan City in S China
Hot Forum Dicussion