Search Results

3 Major Security Lessons from the Sony Pictures Data Breach

With the devastating attack on Sony Pictures Entertainment that exposed corporate and personal information, IT security professionals are using the intrusion as a warning for companies to strengthen their data security.

Game Over: Cloud Computing and the Sony Breach

By Ondrej Krehel, Identity Theft 911 There’s been a lot of commentary and gotcha-style journalism surrounding the Sony data breach, but not much constructive criticism. Yes, the breach could have easily been prevented. Had Sony enabled fairly standard firewall technology and kept its systems up-to-date with the latest patches, none of this most likely would […]

Don’t Get Pwned By Sony. Your Information May Have Been Stolen – Now What?

In light of recent announcements regarding major breaches and stolen PII (personally identifiable information) of Epsilon clients, celebrities and now Sony’s PlayStation gamers, you may be left thinking, “what do I do if this involves me?” Identity Theft 911 experts have recently assembled the best tips to help you from falling victim to the several […]

Game Over. Sony’s PlayStation Network Gets Hacked

On April 26, Sony’s PlayStation Network (PSN) announced more bad news regarding an outage that occurred between April 17 and April 19 – customers’ information, including email addresses, names, home addresses, passwords, date of birth and perhaps even credit card information – may have been compromised due to an invasion into the network.  With approximately […]

Data Breaches are a Boon for D&O Liability Insurance

The past year was saturated with detailed disclosures of cyber attacks against marquee corporations. From Target to Home Depot and JP Morgan and Sony Pictures, the wider public now knows how wide open corporate networks are to disruptive, damaging hacks. In the coming year, court cases should begin to define and quantify a new realm […]

FBI Sounds Alarm for Corporate Malware Attacks: 5 Tips for Malware Prevention

After a cyberattack on a U.S. motion picture firm, the U.S. Federal Bureau of Investigation is alerting businesses to the potential for more significant intrusions, Reuters reported.

Target Hack Prompts Many to Invest in Cyber Insurance

Many companies are taking advantage of cyber insurance to ease the blow of security breaches by hackers, according to The Wall Street Journal.

3 Reasons Why Data Breaches Will Continue

The storm of consumer-focused data breaches started off as intermittent downpours — Choicepoint, TJ Maxx, SONY, LinkedIn, Twitter, Adobe Systems — and is now a torrent: Target, Neiman Marcus, Kickstarter, White Lodging, the Sands Casino, and now everyone who’s attended or worked at the University of Maryland since 1998. In each case, hackers weren’t after […]

Two Years On, Lessons Learned From The PlayStation Data Breach

Data breaches happen with startling regularity, but they rarely occur on the scale of the 2011 Sony PlayStation breach. When hackers cracked open the PlayStation Network, 77 million users were affected-their passwords, credit card information, security answers, physical addresses and more were all in the hands of thieves. It was a nightmarish scenario for those users and for Sony, but it was much more than just a bad dream.

The results of the PlayStation breach are still playing out. In January 2013, the United Kingdom’s Information Commissioner’s Office (ICO) fined Sony nearly $400,000 for the hack. After the breach, companies saw just how important it was to keep their own systems secure; it’s estimated that the breach cost Sony $170 million. The company also faced lawsuits and government scrutiny from both the United States and United Kingdom, not to mention a major drop in its stock prices immediately following the incident.

No breach since has affected so many users, but breaches still continue to happen. Lessons learned in the aftermath may have helped in combating hacks and increasing security, but everyone needs to continually keep them in mind, and update those lessons.

• Companies-even tech companies-have to stay on their toes. Authorities within the ICO stated that the PlayStation hack was “preventable” and noted that a company like Sony, which is at the forefront of the technology industry, should have had the most up-to-date security system available. In Sony’s systems, credit card data was encrypted, but other personal information was not. While companies aren’t required to encrypt personal data, after the PlayStation hack, it became clear that doing so is a best practice. Data encryption software and solutions are continually evolving.

• Response time matters. The PlayStation hack happened some time between April 16 and 19, 2011, but Sony didn’t shut down the system until the 20th, and then waited to make an announcement about the breach until the 22nd. It wasn’t until April 26th that the company confirmed users’ data had been compromised. During that period, users were confused, nervous and angry at the company’s sparse communications. One of the key takeaways from the hack was that telling customers what’s going on is essential, not just from a customer service standpoint, but because most states have laws requiring disclosure of breaches.

While users can protect themselves with clever passwords and other identity theft protection methods, corporations should be equally concerned with protecting their users.

Find Out Which Companies Dropped the Security Baton

By Brian McGinley In the spirit of the Olympic Games under way this summer in London, we’ve opted to award gold, silver and bronze medals to companies and government institutions for their performance in the 2012 (In)Security Games. Find out which organizations experienced the thrill of a well-designed privacy plan and which ones endured the […]