Recently Sony confirmed that their Playstation Network was the victim of a cyber-attack and had to shut down their gaming network abruptly cutting off nearly 78 million gamers. Some reports on the internet claim that the network was hacked by a hactivist group who call themselves 'Anonymous'. Several days later it emerged that the attack was on an even more widespread scale and that Sony's PC gaming network had also been hacked at the same time, though Sony didn't realize this until 02nd May 2011 leaving 24.6 Million PC gamer's details at the risk of theft. Sony admitted that the hackers used a security flaw that the company were not aware of.
Sony released a statement on the Playstation website on 01st May 2011 regarding the security issues surrounding the breach and explained what they were doing about it and how they are going to compensate customers. Sony CIO Shinji Hasejima said the attack was based on a vulnerability in the unspecified web application server used in the Playstation Network. A restoration program is now underway to get services on the network up and running as soon as, and as securely as possible. Sony have stated that they will be compensating online gamers with thirty days free service of Q Music Unlimited, thirty days free service of Playstation Plus premium membership and selected content for free download. Compensation is expected to cost Sony £158 Million.
Sony have also stated that they are moving the PSN infrastructure to a more secure location and when users sign into the service once resumed there will be a forced update to make users change their password before they can use the service. In addition, user's passwords can only be change on the console originally used to create their account. Sony have been implementing the following security measures:
*Â Automatic software monitoring to detect new attacks
*Â Higher levels of data protection and encryption
*Â Enhanced ability to detect intrusions into the network
*Â Implementation of additional firewalls
Although reports currently show that Playstation Network is back online in Japan, services are expected to resume in UK/EU & US by the end of the week and although Sony are offering compensation it looks they are about to face a series of legal battles. UK Information Commissioner Christopher Graham expressed concern on BBC Radio 4 that the hack could indicate a serious breach of the Data Protection Act 1988 which, if data was stored on servers in UK, could lead to a fine of up to £500,000.
Fund manager at Beyond Asset Management stated the way Sony handled the situation shows the company's lack of ability to manage a crisis and suggested that Sony's current CEO should step down. Attorney generals from Iowa, Connecticut, Florida and Massachusetts have began investigations into the hacking of the Playstation Network.
A lawsuit has been filed against Sony in Canada that is claiming in excess of $1 Billion in damages and an American PSN user has also filed a lawsuit accusing the company of not taking reasonable care to protect,encrypt and secure the private and sensitive data of it's users.
No comments:
Post a Comment