On April 26, Sony’s PlayStation Network (PSN) announced more bad news regarding an outage that occurred between April 17 and April 19 – customers’ information, including email addresses, names, home addresses, passwords, date of birth and perhaps even credit card information – may have been compromised due to an invasion into the network.  With approximately 77 million users, this breach is cited as possibly one of the biggest data breaches ever, according to the folks at MSNBC.

Identity Theft 911 expert Brian McGinley, senior vice president of data risk management, commented that “when it comes to cyber-crime, for businesses, it’s no longer a case of if but rather a case of when.”  Sony was aware that there were a number of malicious entities gunning for them and still was not able to secure their company from this attack.  Regardless of their best efforts, major companies are still getting routinely beat by the bad guys – and it is dangerous, expensive and a threat to commerce and consumers.  Fortunately, Sony has the resources to respond, remediate, and recover – whereas a smaller business entity could be brought to its’ knees and put out of business.

For a global company like Sony’s, there will be a significant revenue loss associated with the outage.  And perhaps more importantly, is the reputation and brand hit they have taken with a very passionate online gaming community which is already clamoring about changing over to a competitor in this hotly contested video gaming market.

Identity Theft 911’s Chief Information Security Officer Ondrej Krehel also stated that “email is our unique identifier on Internet, and primary email can be considered the digital Social Security Number”.  If users have the same email and password for PlayStation Network as they do for other accounts, then a countless number of users’ emails can be read, and all affiliations to financial (banks, PayPal), social (Facebook, Twitter) and personal life (Amazon) can be revealed and exploited.

Phishing email scams, as well as deceptive phone calls and even direct mail could result from the information obtained from this breach.  Minors are particularly vulnerable as they comprise a large demographic of the gaming population and are may be easier to exploit and phish on minors.

Related:
The Epsilon Breach: Don’t Take the Bait with Phishing Scams
How to Spot, and Avoid, Internet Scammers

Leave a Reply