Sony's PlayStation Network data breach: Game networks an irresistible hacker honey pot

Sony's PlayStation Network data breach: Game networks an irresistible hacker honey pot

Summary: Sony's massive data breach raises two questions. First, can Sony recover? And then there are questions about whether other game networks will be targeted.

SHARE:

Sony confirmed that its PlayStation Network and Qriocity properties were hacked and the personal data of 77 million users---names, addresses, log-ins, passwords and profile data---were swiped.

According to Sony's blog post, credit card numbers weren't swiped, but you can't really rule out the possibility that they were stolen. Sony said:

Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

This incident brings up a few thoughts.

Here are the primary items:

  1. Can Sony recover? Sony is going to have a tough time recovering from this breach. First Sony's PlayStation Network has been down for a week. Sony doesn't communicate to customers well. Then, Sony dumps this personal data loss on customers. As a sidebar, Sony talked up its two tablets, which partially depend on the PlayStation Network and Qriocity properties for a value proposition. Good luck with that one Sony.
  2. Game networks are such obvious theft targets. The most staggering item in Sony's breach disclosure is the sheer numbers involved. A person---or group---ran off with the personal information of 77 million customers. That's staggering. Sure, we knew that PlayStation was popular, but that's a lot of data. Microsoft's Xbox Live would make a fine target. So would Nintendo's Wii. Do we know the security procedures at these gaming networks? I don't. You probably don't either. And until now no one thought twice about handing these game networks a nice chunk of personal information. As an extension, a hack of Apple's iTunes would be the Holy Grail.

Rest assured folks will start wondering about game network security soon. If hackers can take down the PlayStation Network other gaming properties may become targets too.

Related:

Topics: Networking, Hardware, Mobility, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

25 comments
Log in or register to join the discussion
  • Sony doesn't get cloud services !!!

    They made great stand-alone consoles but the big wide interconnected world is beyond them. Seriously only MS can understand and deliver in this space.
    hubivedder
    • RE: Sony's PlayStation Network data breach: Game networks an irresistible hacker honey pot

      @hubivedder
      *points you to Valve then kindly asks you to shut up about Microsoft*
      D2 Ultima
  • Message has been deleted.

    keew1230
  • RE: Sony's PlayStation Network data breach: Game networks an irresistible hacker honey pot

    The quality of everything Sony has been producing has been going downhill for the last 10 years. I was strictly a Sony electronics buyer for years. In the last year or so I grew tired of Sony's constant lousy QA/QC. I am glad I went with the XBOX over the PS 3 today. Sony doesn't value its customers, nor do they seem to understand the value of keeping a customer happy.
    CowboyJake
  • RE: Sony's PlayStation Network data breach: Game networks an irresistible hacker honey pot

    As Sony actively kneecap Stereo Mix Record on their Vaio's I have absolutely no sympathy for them and deserve all they get.
    Alan Smithie
  • Message has been deleted.

    ShazAmerica
  • Did anyone catch...

    ...the fact that birthdates and security questions were taken?

    *If* (and I'm being Pollyanna here) the credit card numbers were NOT taken, it still means identity theft will be straightforward, given the amount of private information in those profiles.

    If credit cards were taken too, well, Visa is going to be very unhappy with Sony. Not to mention what 77 *million* credit card frauds would do to people's trust in not only online transactions but credit cards themselves...
    wolf_z
    • RE: Sony's PlayStation Network data breach: Game networks an irresistible hacker honey pot

      @wolf_z
      That in and of itself may be a good thing though, Credit Cards are nice and useful and all, but for example I have an electron Visa. If I don't load money on it beforehand, it's worthless. It's the only "credit card" I have. Steal the info for that I wouldn't care, I only load on what I need. I can always get a new one easily, and I don't need to throw money on it repeatedly to keep it active.
      No in-the-red means no debt as a result of the card. It would do about 60% of America well to adopt such a practice.

      As for Sony, I find there is some good in the fact that they were hit, though I feel for those who've provided information to them. I'll say there's no way to sift through 77 million users to find whose identity you wish to steal though, as well as most of this information will be kids just using parents' credit cards, so it'll be quite useless.
      But Sony needed to shape up, and so does Microsoft (unsure about Nintendo's practices). The "console wars" have dragged in the PC and the party-game feel of the Wii and have ruined things for most of them, while giving MS and Sony a blindly loyal, stupid following. That Sony was hacked so easily and the fact that they cannot recover from it speaks VOLUMES about how few measures they took to secure themselves and their users' data. I'm sure Microsoft is the same, their only purpose is how to make more money from their users. It's sad, but true. So I'm left feeling bittersweet; I'm glad that Sony got a slap in their face, and if Microsoft isn't scared gutless and upping their security measures, then I wish MS gets the same treatment too. People need to REALIZE that these companies don't care about their end-user OR their information. As long as you get them their money, they're happy. Still too bad about everyone's info being stolen though.
      D2 Ultima
  • Who there has the ability to delete messages?

    And why was mine deleted? Absolutely nothing in it was offensive. What is this? 1950 Soviet Russia, deleting anything you don't like?
    ShazAmerica
    • RE: Sony's PlayStation Network data breach: Game networks an irresistible hacker honey pot

      @ShazAmerica don't take it personally as it happens to me all the time.
      Some people here have gossamer thin emotional skin stretched taut across an elephants buttocks of an inflated ego.
      Agnostic_OS
      • RE: Sony's PlayStation Network data breach: Game networks an irresistible hacker honey pot

        @Agnostic_OS lol thats great. Sony is going down hill now I wish Sega would make a new gaming system. I still have my Dreamcast and love it
        campbellj78@...
  • Suspect #1: Anonymous Hacker Group

    It all started with Sony launching a lawsuit against hackers.
    Please read about this hacker group, called Anonymous on the Internet. This is not an ordinary hacker group. They are criminals, and have the power to launch the attack Sony was victim of.
    Please read http://arstechnica.com/tech-policy/news/2011/04/anonymous-attacks-sony-to-protest-ps3-hacker-lawsuit.ars.
    papyrus100
    • RE: Sony's PlayStation Network data breach: Game networks an irresistible hacker honey pot

      @papyrus100 latest news is that Anonymous group contacted the news agencies and have denied any involvement.
      Agnostic_OS
      • RE: Sony's PlayStation Network data breach: Game networks an irresistible hacker honey pot

        @Agnostic_OS : Thanks for the info, what is the source ? If you were a hacker, would you contact a news agency and say: "I did it". They have a track record of lying to the authorities. I do not trust them.
        papyrus100
  • Sony may have a Bad E3 this year.

    This is just not good for Sony. With E3 a month+ away, they better do something extra special and crazy at E3 to win back fans. I am a Sony fan, but this is just not good on their end. Glad I never bought a PS3 now. PC gaming forever!
    Bates_
  • @papyrus100

    You seriously think Anonymous did it? Really? A group of nerdy, 4chan-surfing internet denizens who probably all play on the PSN would hack and bring down a network they use. That makes plenty of sense. Besides, they've got a million better targets than Sony - see Scientology, Westboro Baptist, BMI, and the RIAA.
    Caggles
    • Well said.

      @Caggles +1

      I don't think they did it either.
      Bates_
      • RE: Sony's PlayStation Network data breach: Game networks an irresistible hacker honey pot

        @Bates_

        It's probably an inside job... former employee, etc. That's where I'd start my investigation.
        namkce@...
  • May be its time for closed group messaging? http://www.nijimail.com

    First it is Epsilon now Sony, the list could go on. One day everybody's email will be available to spammers and phishers. A little bit of effort will be required to get people on a safe platform than plain old email. I have seen people mailing their tax returns as PDF attachments back and forth between their accountants! Cyber crime seems to be getting bigger and better every day. The criminals are only going to step it up. As technologists we should encourage the masses to move to a secure platform. My two cents!
    Ram@...
  • RE: Sony's PlayStation Network data breach: Game networks an irresistible hacker honey pot

    This entire comment section is going to be a flame war. Fact of the matter is this: if this happened to XboxLive everyone would be just as pissed about the whole thing. Don't try to say one company is better than the other on this unless you have documented proof otherwise. For safety's sake, remove credit card info and any info linking other accounts to your consoles for the time being.
    KBot