Just as Sony released press releases suggesting that PlayStation Network will begin to come back online after two weeks of downtime—at least in part—Sony drops the bomb that Sony Online Entertainment also suffered a data breach at the same time.
Kit Dotson over at SiliconANGLE wrote up a short roll-up of events concerning the hacks and initial response from Sony,,
Sony was also quick to point out that there is no evidence that their main credit card database had been compromised as it was stored in a newer and more sophisticated environment.
This portion of the breach may explain why Sony believed that PSN credit card information has remained safe (and said as much to its customers) while personal information and passwords had been hacked; but customers were contacting sites such as Ars Technica with what they believed to be PSN-related credit fraud.
This isn’t the first time that an online institution has suffered a loss of secret personal data, but the event is so common now that we can expect to see some high profile data breach every month. It took Sony over two weeks to inform its patrons that their data had been compromised and even though they took the time for a thorough investigation, they missed a portion of the breach that readily explains why some people might have suffered related credit-card fraud.
[ad#Helvetica Left-align]Subscription services must discover a code-oriented method that will protect their customer’s secret information as it pertains to financial institutions. In a way, security and privacy are written into the mechanical nature of an activity—data is only as secure as the hands that handle it and in many cases it’s not that secure.
So the solution might be to provide mechanisms that permit people to release less valuable financial information (such as PayPal’s one-time or temporary credit-card #s) that in the case of a breach has less effect when it’s compromised.
Read the article for more ideas on how this might work.
Here’s watching you, Sony.
Link via SiliconANGLE
Trackbacks/Pingbacks