backtop


Print 32 comment(s) - last by Smilin.. on May 6 at 4:02 PM


The lawyers are coming for Sony, after it lost 101 million customers' information.  (Source: David Pear)

Sony has thus far refused to clarify whether users' credit cards were stolen. Its statements suggest that as many as 10 million customers MAY have had their credit cards stolen.  (Source: China Post)

Sony waited two days before informing the FBI of the breach and a full week before informing customers. Many customers are also distraught about their passwords, real names, and email addresses being stolen -- a combo which could give cybercriminals access to users' private online accounts.  (Source: Hard Forums)
After two high profile data losses, company has recruited the FBI and a private firm to crack down

Sony Corp. (6758) has been rocked in recent weeks by a pair of high profile system intrusions. One intrusion caused the outage of the company's Qriocity streaming media and PlayStation Network (PSN) services, along with the loss of 77 million customer records.  A second intrusion at Sony Online Entertainment lost 24 million additional customer records.

Together the intrusions may have lost over 10 million customers credit and debit cards, though Sony is still being unclear about whether or not this valuable information was taken.

I. Stepping up Security

In an effort to clean up its act, Sony has hired privately held security firm Data Forte to track down the cyber criminals.  Data Forte is the brainchild of a former special agent with the U.S. Naval Criminal Investigative Service.

The Japanese electronics giant has also retained cyber-security detectives from Guidance Software Inc. (GUID) and consultants from Robert Half International Inc.'s (RHI) subsidiary Protiviti to assist in the investigation and cleanup.

There is a bit of irony there, in that Robert Half was itself the victim of customer data loss just weeks ago.  Robert Half contracted email service solutions firm Epsilon to manage its client email database.  Like many Epsilon customers, it was shocked to hear that Epsilon's entire database of emails from various client companies had been stolen.

The three investigating firms are working closely with U.S. Federal Bureau of Investigations (FBI) to examine possible identity theft or credit card fraud attempts from the individuals who stole the information.

II.  What's the Status?

One of the frustrating things about the entire incident is that Sony has been extremely unclear about whether users' credit cards were stolen.  In all of its statements it adopted ambiguous legal language-esque passages, which while not saying the cards numbers were stolen, also did not rule out the possibility.

Initially, Sony was also very quiet about the breach itself, waiting a full week before informing customers of its discovery and why the networks were down.  When it did finally inform them, it did offer them a great deal of information about the breach itself (though it offered precious little clarification on some of the most important points, like credit card loss).

Sony, whose Japanese executives have publicly apologized to customers, has also been silent about its ongoing investigation.  

Other security firms, though, who aren't involved firsthand, but reportedly have knowledge of the situation, are speaking out.  In an interview with Reuters, David Baker, vice president of services with electronic security firm IOActive, states, "It's a significant operation."

He said that he believes that Visa and MasterCard have hired their own investigators to probe the incident as well.  If true, this may indicate a greater likelihood that credit card information was indeed lost.

Sony is facing pressure from politicians about its failure to clarify the situation to the public.  Connecticut Senator Richard Blumenthal (D-Conn.) sent a letter to Sony on Tuesday demanding that it clarify whether or not credit cards were stolen.

In the letter he says he will call on the U.S. Attorney General, Eric Holder, to probe whether or not Sony should be held criminally or civilly liable for losing its customers personal information, including, potentially, financial records.

He writes:

I would appreciate a direct and public answer detailing what the company will do in the future to protect its consumers against breaches of their personal and financial information.

Reportedly one thing Sen. Blumenthal and others are upset about is the report that Sony waited two days after finding out about the breach before contacting the FBI.

III. Legal Troubles Ahead for Sony?

Despite its efforts to turn the corner with its internal security and track down the perpetrators of the breach, legal troubles may be looming for Sony, as Sen. Blumenthal's comments might suggest.  

The company has retained the services of Baker & McKenzie, a law firm.  Reportedly the move was designed to retain services to help prosecute cyber-criminals involved in the break in.

However, it may also be designed to beef up Sony's legal defense against customers.

A Toronto law firm on Tuesday announced a $1B CD ($1.05B USD) class-action suit against Sony for breach of privacy, naming a 21-year-old PlayStation user from Mississauga, Ontario, as the lead plaintiff. Lawyers for McPhadden Samac Tuovi LLP, say that the suit's requested damages would allow Sony's customers to purchase fraud prevention and credit monitoring service for two years.

It is likely that similar class action lawsuits will pop up in the U.S. and the European Union. 

Many Sony customers are upset not only about the possible loss of their credit card information, but also the loss of their usernames and passwords.  While hashed, it's possible that sophisticated hackers could reverse the hash, giving them access to potentially millions of users Facebook, Gmail, Twitter, and other accounts, given that they also have the users emails and real names (which were reportedly unhashed and unencrypted).



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

By Onimuto on 5/5/2011 11:09:15 AM , Rating: 2
No you can't? Why and how you cant? Need your whole nieghbor hood to stop using inter
Net to be able to down load? Get higher bandwith inter net then.many site stream hd content. Of course with sony fan hd can only exsit on blue ray. I remeber when i bought my 60 gig ps3 and all the fanboys where going off about hd can only exist on blu ray.... So i proved this wrong by simply dowbloading a 1080p heavenly sword video off psn storing it on my sd and usb s
Flash drive and played them off both storage meduims.
I for know the well over 20 house holds dowb my street stream hd content. What ypu think the data ypur tv recives and data internet is so much diffrent? Hd hbo showtime discovery channel?
Get real. And if you go on about unconpressed serousily any $399 laptop can play the highest compressed hd content perfectly fine. I have a sandy bridge 2360 paired with an ati 6700 series and it sure can uncompresse and play content from hdd , e-sata, usb on tree diffrent media players (vlc,divx,quicktime) flawlessly.
Legally borrow not sure but you can stream it from number of sites. Youtube, hulu, net flix, sony, discovery network, and on and on. And as far as your lon time to dowb load i rip blu ray movies all the time with true hd audio, english subs abd files sizes are only 2.5-6.8 gigs at 1080p , and 800-1.9 720p. 2 terabyte hdds are cheap as hell 65$ sales and reg prices of 70-99$.
And blu ray is the what you say ?
"BD might be the last great hurrah for physical media, but their are advantages to physical media, so it's definitely got a place now and is by no means too late to the party for the many many people, even those who are not technologically impaired.".
Industry uses hollgrapic versrial disk 3.9 terabytes per disk same form factor as your cd,dvd,blu ray.
Most poeple only can truely use 720p quitly regardless of there display being capable of higher reslutions due to fact of lost quility from phsical screen size. Unless you are projecting a 10 foot by 6 foot projection the diffrences of 720-1080 is barely noticeable. Compters can go 5 megapixiel now. Move on with the times...


By Aloonatic on 5/5/2011 5:07:22 PM , Rating: 2
Get higher bandwidth internet? Brilliant, why didn't I think of that?!?

Quick, get to the UN and solve world peace with that amazing intellect of yours that can cut through problems so easily.

*sighs*

I'm not sure if you are being factitious, or intentionally obtuse, but the very very very simple point is that not everywhere has the sort of infrastructure that you are talking about.

Really, I don't knwo how to make it any simpler for you to understand.

I get that HD content can be streamed or stored on a flash drive or hard disk, and I have never said that it is imposable, but the places the capability and broad band infrastructure exists where people can throw out there BluRay disks and download HD content (not even at the same quality), 24/7, without impairing what the rest of the household are doing, even assuming that only 1 person in the home wants to watch a HD movie at any one time, is very patchy and has nothing to do with how technological impaired someone is.

Like the person I replied to, I am so very happy that you live in a place where people can down load and stream HD content, BUT A LARGE NUMBER OF PEOPLE IN THE MOST WESTERN COUNTRIES CAN'T, EVEN IF THEY KNOW HOW TO AND WANT TO.

Honestly, I don't know what some of you guys are on at times.

And then why you have to go on about industry using some sort of holographic disk when we are clearly talking about home consumers just boggles my mind, but doesn't surprised me.


By DarthKaos on 5/6/2011 10:46:05 AM , Rating: 2
To watch a movie on Blu-Ray.

I buy a TV. I buy a Blu-Ray Player. I rent or buy Blu-Rays. I watch Movies and TV shows on Blu-Ray. Any time I want to watch something, I just put it in and hit play.

To watch media that is streamed or on a server.

I need a device that can stream media. Cable and Satellite charge too much for movies. I want to stream Netflix so my TV has to be compatible or I need a PC. I need to have a PC in my living room or long cables or I use a laptop with long cables or hook it up when I use it. If I use a server I have to set that up. I have to keep up on updates. If I want to watch my movie someplace else I need to be sure I can stream or download there or I have to transfer my media to a portable storage device to take where I am going. I need to know what format it can play in where I am going or I may need to be able to play it on a screen everyone can see. So I have to verify that where I am going has a TV hooked up to or can be hooked up to a laptop or computer. Any time I want to watch I need an internet connection.

The list is long of things that are more difficult. Don't get me wrong though. I am a Netflix customer and I love to stream but I also get my favorite action flicks on Blu-Ray. Something tech people lose site of is how our "easy" and "normal" is not everyone's "easy" and "normal". Logging in, setting up, streaming, searching, etc... is not easy for everyone. Plus some people just don't like to take the time. My wife is a Network Engineer and very smart but she prefers throwing a disc in, sitting down, and enjoying a movie. She does not want to mess with anything else. The kids will have it all figured out though and be use to it. Digital media will not be the norm for 10 years. Having Blu-Ray discs at that point will be like having records now. You don't listen to them all the time but it is really cool when you do.

On a side note: I have watched the same movie back to back on Blu-Ray then streamed and blu-Ray is better (sound and picture). Sure the difference is small if you don't do side by side but it is there. So if you really love movies and have a decent setup, streaming just does not quite satisfy.


"Intel is investing heavily (think gazillions of dollars and bazillions of engineering man hours) in resources to create an Intel host controllers spec in order to speed time to market of the USB 3.0 technology." -- Intel blogger Nick Knupffer














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki