Things Get Worse And Worse For Sony As Another Massive Data Breach Detected

from the this-is-why-you-don't-trust-rootkitters dept

For the few of you left who still trusted Sony, now comes news of yet another massive data breach, this time for Sony Online Entertainment (SOE) users. SOE is their online multiplayer games offering. It sounds like a similar issue to the PSN hack, again with lots of data being taken. Making matters worse, apparently for players outside the US, Sony kept credit card numbers and/or bank details in an “outdated database” (read, one not properly secured or encrypted, apparently). And… Sony is now admitting that the breach occurred a few weeks ago, so this info has probably already been put to use. So, we’ve got the rootkit, the PSN and now the SOE issue. Who actually willingly pays Sony for anything any more?

Filed Under: ,
Companies: sony

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Things Get Worse And Worse For Sony As Another Massive Data Breach Detected”

Subscribe: RSS Leave a comment
The eejit (profile) says:

This could bankrupt Sony Entertainment, and speed the decline of Big Content. In the UK alone, such a breach can be charged with a maximum fine of ?3 quadrillion, if puniuched to the fullest extent of the law.

As it is, if this is correct, then Sony are in massive breach of the PCI compliance laws in the EU. No wonder they announced freebies for all PSN customers over the weekend – they wanted to bury the bad news.

Dark Helmet (profile) says:

Re: Re: Re: Re:

Look at lists of the highest rated games ever made, and you’ll notice a trend. Here’s an example:

There isn’t even a single game on that list later than the 90’S! And when I think of the two glaring omissions in that top 10, they’re both 2000 and before as well (Final Fantasy 7 & Deus Ex)….

The eejit (profile) says:

Re: Re: Re:

But it should bankrupt them. Personally identifying data is a shitton more valuable than your capacity to consume. Moreover, I’d like to see you come up with an argument as to why this shouldn’t cost Sony their ability to trade; the fact that this was discovered over a month ago opens them up to vicarious liability on failure to prevent fraud.

Had Sony even deigned to notify its consumers of the breach when it occurred, we would have been having a different discussion. As it is, the amount of stupid involved on Sony’s part is insane.

Non-hashed PSN info? Check!
Holding CC details (including CVV)? Check!
Refusing to notify people after discovering the breach in a timely manner? Check!
Claiming everything’s okay when it’s clearly not? Check!

They don’t deserve any money from anyone ever again.

Anonymous Coward says:

Re: Re: Re: Re:

I never said that it shouldn’t bankrupt them. I have a PS3 and I’m outraged by this news. They will more than likely get a slap on the wrist and get told to be better at protecting data and that is all the punishment they will receive.

I’m sure they will end up spending more money on PR to try and improve their image than they will on improving security. It’s disgusting but that’s just how it usually seems to go.

Jay (profile) says:

So let me get this straight…

Sony wants to limit music with Amazon…
They want to spy on you with rootkits…
You have no privacy through their network…
If you research these hacks, they’ll sue you…
If you try to help them in any way, shape, or form, they won’t work with you…

Well, I guess you don’t have much to say except sayonara Sony.

Anonymous Coward says:

Re: Re: Re: Re:

The boss? That would merely be a good start. All CxO level executives would be a good finish.

The data of tens of millions — if not over a hundred million people — was exposed due to their profound negligence. The cost of that in monetary terms is well into the trillions. The cost in human terms is difficult to calculate: how do you give an identity theft victim their life back, their years of suffering and worry?

“Enormous” doesn’t even begin to describe the impact of this. As a society, we’re willling to lock up someone who merely steals a 4-year-old car. What should we do with Sony’s personnel, who have done something that makes that microscopically inconsequential by comparison?

(And yes, 95% of the blame for this rests with Sony. Well-known, test, best-practice security techniques would have left the attackers with a massive encryption problem.)

Capitalist Lion Tamer (profile) says:

Well, shit.

I’ve got a PS3 and my choices are:

– Get an 360 that suffers from head alignment problems
– Step back a generation and get a Wii, along with none of the games I actually want to play
– Shell out a couple of grand on a higher-end computer

This doesn’t include the cost of re-purchasing all the games I still like playing. Unfortunately, I’ve got a lot of money already riding on this hacked-up horse, so I kind of feel like I’m going to stick it out until the next gen arrives.

God help me, I love that locked-in feeling.

On the bright side, my Netflix still streams and I’ve got a really large Blu-ray player.

Capitalist Lion Tamer (profile) says:

Re: Re: Well, shit.

Probably. I just don’t want to be adding RAM to video cards or swapping them out just to keep up.

I’m resistant to PC gaming anyway. I’ve only got a limited amount of time to play and I don’t want to spend part of it tweaking settings and downloading patches. I know that’s short-sighted, but it is what it is. I would also like to take advantage of various mods, but I also like that when I boot up the game on a console, I know it will work.

AndyD273 (profile) says:


“Who actually willingly pays Sony for anything any more?”

Should read: Who actually willingly uses Sony’s free services any more, let alone give them money.

An interesting solution to this and other services, go to a retailer that is a bit more trustworthy and get the PSN giftcards. Same goes for XBox live, iTunes, anyone else that wants your credit card number and might store it wrong.

Sean T Henry (profile) says:

Re: Typo

The solution is not to use gift cards the solution is to not buy sony products and to legislate a minimum level of protection on stored consumer data. The minimum should not require a specific tech but have requirements that must be met using any means.

If you are really concerned about your CC# then use a CC# generating service provided by several Credit Card companies so the number will be expired by the time anyone could use it.

bADiTCH (profile) says:

Just got my email for SOE

Opened my inbox this morning and low and behold there was an email from Sony about my SOE account. Now I find this kinda funny about the attacks that have been discovered as of yet. But it sucks that my kids do use some SOE games and when i had to tell my son this morning that he won’t be able to play his Clone Wars games he was pissed.

Dave C (profile) says:

Where to Go?

This will be a tough question for everyone. I don’t think giving up on the PS3 is the best thing to do. Both systems have their flaws- XBOX 360 and PS3. Sony will learn from this, we can all hope. I’m going to guess that their back-end systems are now much more secure. This is the sort of thing that removes the magical cloud-cover from people’s eyes about a company though. There is no reason to be a die-hard fanboy at this point. Personally, I’ll keep my PS3, and keep buying content, and playing games. Same for my 360, and whatever new consoles come out from either company in the future.
To comment on a few of the comments above, I do not think this will bankrupt Sony. I would hate to see all of those people without jobs in this economy. I do think, however, that there will be a huge whole ripped into the company by the pending lawsuits. People will get fired, trust me. Now, will the right people get axed, or just some scapegoats…time will tell. I also hope that this is an eye-opener to all companies that they can be breached, no matter how secure they think they are. It’s always that one catastrophic FAIL that gets people in motion.

Anonymous Coward says:

Re: Where to Go?

“Sony will learn from this, we can all hope.”

Why should they? They didn’t learn anything from the rootkit debacle and it cost them less than a slap on the wrist.

As long as the sheeple keep buying their goods and services, there is NO REASON for them to learn. Or to even try to learn.

Sony cares about profit. Always profit, only profit. If they could prostitute children and make money from it, they’d do it without a second thought. They have no conscience, no morals, no ethics, no scruples of any kind.

So to expect them to learn, or to even WANT to learn, is insane. They’ve already repeatedly proven, beyond all possible argument, that they’re not going to. And because the sheeple keep coming back, they don’t need to.

Anonymous Coward says:

THIS is why I am angry at Sony. Yes, being hacked can be considered a cost of doing business in this day and age. Yes, I am annoyed by someone who understands technology what they let leak and how. What really gets me angry, what makes me want to swear off Sony and sue them into oblivion is their delays.

It took seven days from them discovering the PSN server holding personal information was hacked into before they said ANYTHING that sounded like “Oh, and by the way, you should keep an eye open.” Hell the first two days they claimed it was routine maintenance, they outright LIED to us.

And now this WEEKS after it happened? That is what I cannot excuse. The lies and coverups. Hell they probably would still be hiding the SOE breech, but I would wager something forced their hand.

Being hacked? Forgiven. It is the criminal’s fault.
Having POS security? It annoys my tech side, but I can understand how they can cling to lumbering beasts or try to skimp with the money. Forgiven, grudgingly.
Hiding all these data breeches and outright lying as to their actions? No way.

Hiiragi Kagami (profile) says:

My answer.

“Who actually willingly pays Sony for anything any more?”
Unfortunately, many although I will not be one of them.

This is a shame, too, because I once respected this company, often putting its products first on a list when shopping. However, the rootkit fiasco hit the news and I put my guard up.

The final straw was when Sony purposely proved to the world who really owns its console and this was pretty much it for the company. In fact, I just rid myself of every component of this maker from my house, save an old transistor radio (which is just too damn nice to give up).

It certainly doesn’t help to turn and read personal attacks against users and data loss occurred after the “final straw” and I can honestly say I’m glad I left this company.

If anyone from Sony reads this post, I welcome you to the true definition of a “lost sale”, and it will take you at least a decade to restore my faith into the company.

Isn’t it about time Sony gets started?

ChrisB (profile) says:

This piling on is ridiculous

Seriously. We get it. You’ll never buy Sony again. You feel as if they broke into your house and killed your dog. You have spent the last 3 days rocking in a corner because you can’t believe people still buy Sony stuff. Some hacker might know your name, so you’re having problems sleeping at night and need anti-depressants. Oh, and by the way, games just haven’t been the same since Dr. Mario.

Don’t forget to keep those posts, so you can just change the company name when someone else gets hacked or screws up. I’m looking forward to your exasperated rage again.

The Devil's Coachman (profile) says:

Re: This piling on is ridiculous

That must be some wedgie you’re sporting there, boy! Probably have your waistband at eye level, at least. Your ludicrous attempt to marginalize people with legitimate complaint is an EPIC FAIL, and your attempt brings into question where your loyalties lie. I think we all know the answer. You think all consumers with legitimate and serious complaints against businesses run by stupid and unethical idiots should be disregarded and held in as much contempt as you were just obviously able to muster. Sod off, you corporate apologist!

Sony………blows ponies

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...