Posted by pratyushkp
Even more embarrassing was the fact that the stolen information was published on a Sony web server that reportedly is part of Sony Electronics.
The information disclosed contained names and partial addresses of Sony customers who had participated in a 2001 sweepstakes. Sony’s comment is as follows:
“The website was out of date and inactive when discovered as part of the continued attacks on Sony,”
This appears to be a partial repeat of what they disclosed in their second statement acknowledging that Sony Online Entertainment had been compromised. “Don’t worry it was old data on a forgotten server.”
I spoke with John Moe from Marketplace Tech Report on National Public Radio (NPR) last Wednesday. We discussed how long most organizations keep this kind of information and whether there are any regulations requiring it to be protected or deleted.
In an organization as large as Sony the hackers targeting them may be able to continue to find low hanging fruit… Unpatched old equipment at any of the various Sony subsidiaries could continue to embarrass Sony publicly.
Meanwhile, Sony Playstation Network users are starting to get quite impatient as they await the return of the online gaming service.
In this case Sony is certainly doing the right thing. It is better to be offline and identify what must be done to return the service to a secure state than to simply turn it back on and allow attackers to target even more data.
Remember arcades? You can “chat” while competing and you even might see the sunshine when you leave the house. It will be okay gamers, soon enough you will be able to return to your couches.
Source :- http://nakedsecurity.sophos.com
- Sony succumbs to another hack leaking 2,500 “old records” (nakedsecurity.sophos.com)
- Sony may offer cash bounty for PSN hackers (electronista.com)
- Sony’s PlayStation Network hack attack repair bill: $1.6 million or $1.25 billion? (venturebeat.com)
- The Sony Horror Hacker Show (tjantunen.com)
- Sony cuts off Sony Online Entertainment service after hack (macworld.com)
- Two veteran Anonymous members say group is responsibile for Sony attacks (boingboing.net)
- Playstation Network Down Indefinitely, Again (technologizer.com)
- Sony delays PSN revival, says 2,500 users’ names leaked (electronista.com)
- Sony Hacked Again; 25M Users’ Info at Risk (wired.com)
- Sony Hackers Planning Third Attack, Have Gained Access To Servers [Rumor] (inquisitr.com)