Two weeks ago happened possibly the largest theft on the Internet ever recorded – over 77 million customer accounts of Sony PlayStation Network have been hacked and their information stolen. Since the information about the security breach came out, many discussions, polemics, questions, etc. have been opening and taking place in different online information sources.
The security breach had opened sharp discussions addressing different issues. Some are dealing with the fact (e.g. What’s so special about Sony’s massive data breach?) that Sony even decided to officially disclose the information about the breach. After Sony realized that the breach is more severe than it seemed at first glance, they released official statement and FAQ list where they explained what happened and tried to answer most frequent questions their customers were seeking answers to. The surprising thing here is, for some commentators, that Sony even decided to release official statement on the matter. Many different attacks happened online and many are kept a secret. Beside that, many services attacked are not even aware of the attacks. Sony probably decided to officially release the fact that they were attacked because the attack was so wide and severe. The number of possible victims of the information theft is so huge that they probably couldn’t afford to keep this security breach a secret. I guess they followed some kind of a crisis communication plan and decided it’s better that you tell what’s going on and you tell it in your way than waiting if someone will ever find out and fear what kind of interpretation of the event will be communicated.
On the other hand, some other commentators didn’t welcome Sony’s official release on the issue with much sympathy (PlayStation Network hack: why it took Sony seven days to tell the world, Sony’s PlayStation Network Hack: When Did They Know?). The problem some commentators have with the official release is that it came seven days after Sony found out it has been hacked. There are already different theories why they decided to wait so long before they released the information. What all of them have in common is that commentators believe Sony waited too long to release the information on the hack – they should release the information immediately and not after a week into the attack and only after they realized how many accounts have been hacked and what kinds of personal information exposed and stolen.
The event of hacking into the Sony PlayStation Network and stealing of so many different personal information again opened up the question about security on Internet. Among the heavily criticised is also Sony’s way of storing the data they collect from their users. Most of the data is stored in unencrypted form and therefore even more vulnerable to different hacking attempts. Another problem, particularly on the side of the customers, is that people often use the same password for several different online accounts and therefore make it easier for the hackers to access additional personal data once they acquire our name and one password.
Some other commentators and authors of articles took different approach and haven’t focused on criticising Sony or elaborating on the problem of the hack and security issues; they focused on the customers. One of this kind is the article Sony PlayStation Network Hacked: 8 Things You Need To Do To Protect Yourself, in which author lists 8 things that potential victims of the Sony hack should do to protect themselves for experiencing even more damage. And the points listed in this article (and probably some additional) should take into account every Internet user. Because the best protection from information theft, identity theft, credit card theft, etc. is conscious use of the Internet and online services offered.
