Gamasutra: The Art & Business of Making Gamesspacer
View All     RSS
October 24, 2014
arrowPress Releases
October 24, 2014
PR Newswire
View All





If you enjoy reading this site, you might also want to check out these UBM Tech sites:


Report: New York Subpoenas Sony Over Network Breach
Report: New York Subpoenas Sony Over Network Breach
May 5, 2011 | By Kris Graft




New York Attorney General Eric Schneiderman subpoenaed Sony over the PlayStation Network and Sony Online security breach that has compromised millions of users' personal information, according to a new report.

Bloomberg on Wednesday cited a "person familiar" with the probe, which seeks information on the data breaches as well as Sony's "representations made to customers."

As part of a "consumer protection inquiry," the attorney general intends to closely examine what Sony told its customers in regards to the security of Sony networks, according to the report.

Sony Computer Entertainment America spokesperson Patrick Seybold told Bloomerg that "we will review and respond to this request and will continue to work with law enforcement authorities as they investigate the criminal attack on our networks."

The PSN breach, a cyber attack which Sony said occurred sometime between April 16 and 19, was discovered by Sony on April 20, with the company shutting down its PSN and Qriocity online services the next day.

On April 26, Sony informed users that the attack compromised personal data of around 77 million accounts, with credit card information possibly compromised. Sony said it was unaware that personal information was stolen until April 25.

Days later, Sony Online Entertainment, developer and operator games such as EverQuest and DC Online Universe, confirmed that 24.6 million more accounts, including 12,700 credit cards numbers, were also compromised. PSN and SOE's Station.com are still down, with some services expected to come back gradually in the coming days.


Related Jobs

Petroglyph Games
Petroglyph Games — Las Vegas, Nevada, United States
[10.24.14]

Unity Engineer
University of Central Florida, School of Visual Arts and Design
University of Central Florida, School of Visual Arts and Design — Orlando, Florida, United States
[10.24.14]

Assistant Professor in Digital Media (Game Design)
Yoh
Yoh — Vancouver, British Columbia, Canada
[10.24.14]

Build & Test Engineer
The College of New Jersey
The College of New Jersey — Ewing, New Jersey, United States
[10.24.14]

Assistant Professor - Interactive Multi Media - Tenure Track










Comments


steve roger
profile image
Is Microsoft's Xbox Live's network security that much different and/or better than Sony's?



Anyway, I find it hard to believe that Sony was unaware that personal information was stolen until April 25. I assume that Sony is playing a bit of a game as to what information constituted "awareness."





All this makes me wonder about the existence of other breaches of security of their network.

Eric Geer
profile image
Kotaku has a pretty good article/interview with a security professional that basically says that all network security--no matter what company---kind of sucks...they are all potential victims to attacks...



http://kotaku.com/5797602/dont-blame-sony-you-cant-trust-any-netw
orks

Mark Harris
profile image
That is a cop out, plain and simple. While there is no such thing as a 100% secure network, Sony definitely dropped the ball and made glaring mistakes in their security protocol.



Seriously, unpatched Apache servers with no firewall? Unencrypted user data? Those are absurdly bone-headed oversights.

R G
profile image
It's not any better. It's not the fact that PSN was hacked, as that has happened to XBL before back in 2007 and in 2009. The problem is that a mass number of identification has been stolen, and Sony isn't providing either:



a.) The truth

b.) Answers people want to hear.



And really, it'd be:



c.) A combo of A and B.

Alan Botvinick
profile image
In US congressional testimony Dr. Gene Spafford of Purdue

University said that Sony was using outdated software on its servers and knew

about it months in advance of the recent security breaches. According to

Spafford, security experts monitoring open Internet forums learned months ago

that Sony was using outdated versions of the Apache Web server software, which

"was unpatched and had no firewall installed." The issue was "reported in an

open forum monitored by Sony employees" two to three months prior to the recent

security breaches, said Spafford.



So...

No firewall

No encryption

No software updates

No monitoring

No listening to their own forum

No to quality control on their hardware



Certainly trust in Sony is very lacking.



Makes you wonder how many *other* companies we do business with on a day to day basis are just as incompetent in their practices without us knowing it. Until something like this happens that is.



http://bit.ly/l23xiT



Watch Testimony Here:

http://bit.ly/lofVdV Edit

Mark Harris
profile image
The answer is many many many many companies. Not just companies, either, governments/government agencies of all kinds are woefully insecure.



It's a bit frightening, actually, how much of your data is stored insecurely and ripe for the plucking.


none
 
Comment: