If there are people who should learn from history, they’re the one at Sony. People have barely forgotten the recent PS breach that occurred barely a month ago and here we go again. (Is this going to be a monthly thing?) If the reports reaching me are true, a group that calls themselves “Lulz Security” claims that not
only was the database breached by using a simple SQL injection attack
but also that the passwords were stored in plain text. Forget negligence and irresponsibility, that’s downright — pardon the term — idotic. Who stores private data in plain text??? (If you have no idea what plain text is, visit my Non-Technical Introduction to Cryptography) They might as well have written them down of post its and left it lying around and we wouldn’t notice the difference. Except, probably, that it would be harder to get and post all 50,000 of it at once.
Lulz Security claims to have posted 50,000 records on the net. I know someone who have tried to call 8 numbers and all 8 checked out but we do not know if the entire data is real. Unfortunately,
unless they contact all the victims there is no legal way to find out if it
is real data. Unfortunately, unless they contact all the victims there is no legal way to find out if it is real data.
Now, what do you need to do? Well, personally I don’t have an account with Sony but if you really had to have the Sony account here are the precautions you should take:
If you every used any log-in or had to provide a password anywhere in the Sony site of their affiliates, it would be an exceptionally brilliant idea to make sure you are not using the same password anywhere else. It seems like I can’t say this enough: don’t re-use passwords. Passwords are like Kleenex, each one should be made from virgin pulp. Or new. Whatever. Just don’t re-use. It would also be a good idea tochange your password challenge answers on other web sites. Password challenge questions are the “security questions” the site would use if you forgot your password. The danger is that if your email, social networking, bank, or other account uses the same questions then the answers are now exposed. Well, the only good thing that can probably come from this is if you forgot your password and password challenge answer for an account elsewhere chances are, they are probably the same ones that Sony (as good as) gave away.
This isn’t the first and I’m sure it will happen again. If not to Sony then to other providers and/or social networking sites. There is no excuse to ignorance and stupidity when security specialist and security tools abound. In an age when 10 year olds can easily encrypt their hard drives, it makes you wonder who put the toddlers in charge.
So take charge of your privacy. Information is your best security.