After the already notorious hacker attack on 17 April, Sony suffered a second hacker attack on 2 May, which affected again a lot of users: this time, the data of about 25 million other people were stolen. This attack targeted the Sony Online Entertainment PC games network, which hosts games played over the Internet on PCs. This security break-in led to the theft of more than 23,000 financial records from customers in Germany, Spain, Austria, the Netherlands, and other countries outside of the USA. The names, addresses, emails, birthdates, phone numbers and other information were stolen from an “outdated database” from 2007, the company says. The outdated information contained credit card numbers, debit card numbers and expiration dates, but not the 3-digit security code on the back of credit cards. The direct debit records included bank account numbers, customer names, account names and customer addresses.
Are we lost now? And what about the reputation of Sony, which seems to be ruined totally because of all what happened?
Mr Average’s naïveté
Talking about the former, let me be clear, although it is something I find difficult for myself as well. Other people may have grabbed your personal data, including your password to the PlayStation Network. Should that be a problem immediately? Well, the fact that they can access your game data is not life-threatening – although even here some people will get very nervous –, as long as others stay off your bank account, credit cards and such. Okay, I have the password of e.g. Yoshikatsu Takata (fictious name) here, but I cannot make use of his money. Yet. Hmm, let’s try eBay.com, same username, same password. Hey, it works: KA-CHING!
That is exactly the thing: not only has Sony to secure its network in the best possible way, something in which they failed theoretically, but also do we gamers have to watch out for the numberous possibilities on the worldwide web. Firstly, it is a terrible sin if you use the same password and/or username all over the Internet, for all kinds of websites, whether it is for business or entertainment purposes. Some people are smart enough to use other e-mail addresses for “less serious” websites, but that may rather be in order to reduce the number of SPAM mails on their most important mail account. Security, hmm, like that will ever happen? Yes, my dear…
A concise overview of the hackers’ possibilities. They may access your e-mail addresses to go and search for more codes, usernames and such. Moreover, they can have a try at all kinds of product websites, virtual market places etc., like eBay, which I mentionned earlier on. Do not forget, though, that also PayPal is an interesting site to gather information and to purchase a lot of goods at other people’s expense. I will probably have forgotten more interesting things as well. Finally, as everything is possible in this world, data may be sold to other people wo can play with the databases as well.
In other words: The world has never been perfect, is not yet perfect, but neither will it ever be perfect. Thinking that nothing will go wrong is a very utopic idea, and see, if it goes wrong it may be to a large extent right on. Conclusion: Whatever happens, take care with accounts and passwords and try to put as much variation in your login data as possible. The same password for all non-essential websites is okay, but then, do not use that one for your preferred mail client as well.
PS: This advice applies to non-gamers as well. 😉
Now, about the reputation of Sony, I would like to refer to a popular way of reacting to such events: if something like this happens, the attacked instances are idiots and do not deserve our support anymore. Is it really that simple? Do not get me wrong, I am not defending Sony here because I am a PlayStation user myself, but the fact itself that Sony got hacked, well, it can happen, isn’t it? It may happen to other companies as well, also in other sectors. In addition, I am not quite sure whether investing in all kinds of security measurements will solve everything. More investments may be good to prevent more attacks, but tell me, is it possible to find new ways to rip off a company’s pants or not? New viruses are designed all the time as well, I would think, so in terms of hacking, hackers will always find a way to break in.
On the other hand, Sony should reflect on the way they dealt with the attacks, for example, in terms of communication. After they discovered the attack of 17 April, they immediately shut down the network, but they decided to wait with communicating to the users what happened exactly. Instead, there were reports about network maintainance… Well, quite literaly, that is lying to your users. If you consider the fact that very personal data were stolen and the fact that this not the nineteenth century, in which it took still a lot of time to find the most interesting addresses and data and to do something with them, they should warn the users involved as soon as possible. If they wanted to Moreover, I hear complaints from people who are still looing for a solution to be pleased, or even for apologies for what happened. Or how a short – but powerful and meaningful! – explanation can change the feelings of a lot of people…
But hey, up to you to have your go. What are your thoughts? Are you thinking of switching to another console or will you stick to the ‘amusement park’ you have at this moment? Say it, say it out loud!