May 31, 2011

IS SONY SORRY?

By Abu Bakar Munir

Following the attack, Sony’s CEO apologized to millions of PlayStation Network and Qriocity users. In the letter posted on the PlayStation blog, Howard Stringer states, “I know this has been a frustrating time for all of you…..Let me assure you that the resources of this company have been focused on investigating the entire nature and impact of the cyber-attack we’ve all experienced and on fixing it. We are absolutely dedicated to restoring full and safe services as soon as possible and rewarding you for your patience. We will settle for nothing less…As a company we – and I - apologize for the inconvenience and concern caused by this attack.”

Criticisms of Sony was for several reasons, among others, (1) the delay between discovering the problem and notifying customers, (2) the lack of meaningful updates as to when service would be restored, and (3) the seeming confusion over exactly what information had or had not been stolen. On the first issue, Sony’s CEO responded by saying, “This was an unprecedented situation. Most of these breaches go unreported by companies. Forty – three percent notify victims within a month. We reported in a week. You’re telling me my week wasn’t fast enough?”

What are the reactions of the privacy advocate and security professionals? Senior technology consultant at Sophos said that the breach “certainly ranks as one of the biggest data losses ever to affect individuals”. The Australian Privacy Minister, Brendan O’Connor, said he was “very concerned” about the theft of personal information and expressed disappointment that Sony took “several days” to inform about the breach. He further stated that this meant a mandatory “data breach notification” system now “appears necessary”.

Similarly, the Canada Privacy Commissioner said, “I was very disappointed that Sony did not pro-actively notify my office of the breach”. The British Information Commissioner’s Office stated that Sony will be questioned, and that an investigation will take place to discover whether Sony had taken adequate precautions to protect customer details. US Senator Richard Blumenthal of Connecticut demanded answers from Sony about the data breach. Sony had been asked to testify before a congressional hearing on May 2, 2011, but sent a letter instead.

May 12, 2011

FACEBOOK FLAW GAVE PERSONAL DATA TO ADVERTISERS

A security vulnerability on Facebook Inc. for years gave advertisers and other third parties a way to access users’ accounts and personal information, according to security firm Symantec Corp. But Facebook said it had fixed the problem and found no evidence of the issue resulting in private information being leaked.

Read the article: http://ow.ly/4RHnF (Source: The Wall Street Journal)

May 11, 2011

PRIVACY ADVOCATES APPLAUD DO-NOT TRACK BILL

Several privacy and civil rights groups voiced support for an online do-not-track bill introduced in the U.S. Senate, saying the legislation would give Web users control over their personal data. Senator John “Jay” Rockefeller’s bill would create a national do-not-track mechanism, a “crucial civil liberties protection for the 21st century,” said Chris Calabrese, legislative counsel at the American Civil Liberties Union (ACLU).

Read the article: http://ow.ly/4QPqW (Source: PCWorld)

May 7, 2011

SONY'S CEO APOLOGIZES

Sony Chief Executive Officer Howard Stringer apologized to users of its PlayStation Network, breaking his silence on one of the biggest Internet security break-ins ever, but failing to provide a date when services would resume. Stringer’s comments come after he faced criticism of his leadership since Sony revealed hackers had compromised the data of more than 100 million accounts.

Read the article: http://ow.ly/4OoPe (Source: Reuters)


May 6, 2011

SONY SHUTS DOWN ONLINE - GAMING AFTER SECOND ATTACK

Less than a week after news of a security breach sparked an uproar, Sony Corp. has shut down its online-gaming unit after a hacker infiltrated the network in the second such attack on the company in the last month. Sony Online Entertainment, known for creating massive multi-player games such as EverQuest and The Matrix Online, suspended service, according to a statement.

Read the article: http://ow.ly/4Lz3A (Source: Los Angeles Times)


May 4, 2011

SONY WAS ATTACKED AGAIN

Less than a week after news of a security breach sparked an uproar, Sony Corp. has shut down its online-gaming unit after a hacker infiltrated the network in the second such attack on the company in the last month. Sony Online Entertainment, known for creating massive multi-player games such as EverQuest and The Matrix Online, suspended service, according to a statement.

Read the article: http://ow.ly/4Lz3A (Source: Los Angeles Times)

May 2, 2011

SONY PLAYSTATION DATA DISCLOSURE

Sony acknowledged that the personal information of its PlayStation Network customers has been compromised. The company posted an update on its blog warning its more than 70 million customers that their personal information, including customer names, addresses, e-mail addresses, birthdays, PlayStation Network and Qriocity passwords, and user names, as well as online user handles, was obtained illegally by an “unauthorized person.”

Read the article: http://ow.ly/4HzfK (Source: CNET News)

LAWSUIT FILED AGAINST SONY

Gamers and government officials are irate over Sony’s admission that a massive security breach gave hackers access to large amounts of personal data from the company’s PlayStation Network and, surprise(!), one gamer has already filed a lawsuit. Meanwhile, analysts estimate the hammered game company could lose billions of dollars from the debacle.

Read the article: http://ow.ly/4IAfA (Source: msnbc.com)