New
#31
At first I was laughing, but now it's going too far. Why do Sony keep getting hacked?
Possible Options:
- They are corrupt (i.e. they don't care as long as they get paid).
- They are incompetent.
- It's the work of insiders.
- All of the above.
Hi there
Surely if this firm operated like this in Europe on European servers (or the US maybe in 'OZ too ? --not sure how the Federal Law in those countries works on this) Sony would probably be forced into Bankruptcy by now since the idea of holding IN PLAIN TEXT (or unencrypted) people's passwords would be in SERIOUS BREACH of the various data protection acts.
Thes acts state quite clearly it's an offence not only to GIVE OUT details to 3rd parties -- that's the usual interpretation -- but also there is an OBLIGATION TO KEEP SENSITIVE DATA SECURE AND SAFE.
This clearly hasn't been done - since if you can obtain the password of a user then you have access to all the other data on that account.
Most organisations when you have passwords can only RESET them for you if you lose them -- they don't keep PLAIN TEXT versions.
Is it just me but it seems so screamingly obvious to me NOT to hold plain text passwords - and I don't do a lot of work in I.T -- so can some of the more technical Gurus on this site explain to me is this a MANAGEMENT problem or an I.T one.
Whoever is responsible should not only be FIRED (No question of "being allowed to resign") and also do some SERIOUS JAIL TIME too.
Sony also should be sued for everything they've got as well.
Cheers
jimbo
Simple solution.Dear Sony,
I'm sorry to say it but your company is failing, big time. If you don't want to end up a broken company, hire some super hackers to hack the real hackers.
Thanks for your time,
Jaidyn
June 2, 2011 1:34 PM PDT
Read more:The group, which calls itself "Lulzsec," is the same group that posted fake news stories on PBS.com over the weekend.
They have been promising Sony attacks since this past weekend, a plan they called "the beginning of the end" for Sony. After being challenged to show what they found, the group today posted links on Twitter to samples of information they compromised on internal Sony networks and Web sites, including Sony Pictures, Sony Music Belgium, and Sony Music Netherlands.
On the site Pastebin, Lulzsec wrote: "We recently broke into SonyPictures.com and compromised over 1,000,000 users' personal information, including passwords, email addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts. Among other things, we also compromised all admin details of Sony Pictures (including passwords) along with 75,000 'music codes' and 3.5 million 'music coupons'."
The group said they didn't have the resources to copy all the information found, but is posting "samples" to prove their authenticity. The group claims they could have taken more, but that would have taken "several more weeks."
The files in the download appear to contain names, addresses, e-mail addresses, and passwords, but it was unclear how many were in the sample provided by the group.
One file labeled Sony BMG Music Entertainment Belgium included this note: "This target gave us LOLs as it provided internal release dates of records, barcodes, sales reports, and plaintext Sony employee passwords."
Sony did not immediately respond to a request for comment.
Hackers steal more customer info from Sony servers | Circuit Breaker - CNET News