Credit: Image via g4tv.com

I don’t own a PlayStation, so the PlayStation Network being down since April 20 doesn’t impact me. But it is making life suck for a huge number of other people. There are 77 million PlayStation Network registered accounts. And it has been confirmed by Sony that the multiplayer-gaming network was hacked. The company also confirmed that user data had been illegally obtained. This is a huge blow for Sony. I’m not saying disaster yet because because PlayStation gamers are invested in that system, so it would be costly for them to switch to another system. But everyday the network is down, some small fraction will jump. If users start to find their personal data are being illegally used, that will be a PR back-breaker. Sony is already being sued and subjected to regulatory inquiries. Sony is a quality company. I’d really hate to see it go down in flames. The best read on the situation is from Kevin Poulsen of Wired. He went to federal prison for hacking. He knows what he is talking about. Here are the highlights of his take on the situation:

According to Sony, the CVV2 — the security code on the back of card — wasn’t stored in the compromised database, which greatly reduces the cards’ usability to fraudsters. Credit cards without the magstripe data or CVV2 are among the least valuable commodities.

But combined with the other data, the database is valuable indeed. The passwords (which Sony evidently didn’t bother to hash) could be a gold mine, because people have a tendency to use the same password everywhere; you can bet a big chunk of those 77 million PlayStation Network passwords will unlock everything from Facebook accounts to online banking.

The e-mail addresses could be used in phishing attacks, with the fraudster using stolen details — like the target’s date-of-birth — to increase the chances of a response. Hell, even if it were just sold as a spam list, the Sony database could draw a pretty penny.

(Emphasis added)

This breach could have repercussions for a long time. The lesson for the rest of us? Pay attention to security, especially PASSWORDS. Stop using the same password for everything!

Advertisements