Search Results

Game Over: Cloud Computing and the Sony Breach

By Ondrej Krehel, Identity Theft 911 There’s been a lot of commentary and gotcha-style journalism surrounding the Sony data breach, but not much constructive criticism. Yes, the breach could have easily been prevented. Had Sony enabled fairly standard firewall technology and kept its systems up-to-date with the latest patches, none of this most likely would […]

Don’t Get Pwned By Sony. Your Information May Have Been Stolen – Now What?

In light of recent announcements regarding major breaches and stolen PII (personally identifiable information) of Epsilon clients, celebrities and now Sony’s PlayStation gamers, you may be left thinking, “what do I do if this involves me?” Identity Theft 911 experts have recently assembled the best tips to help you from falling victim to the several […]

Game Over. Sony’s PlayStation Network Gets Hacked

On April 26, Sony’s PlayStation Network (PSN) announced more bad news regarding an outage that occurred between April 17 and April 19 – customers’ information, including email addresses, names, home addresses, passwords, date of birth and perhaps even credit card information – may have been compromised due to an invasion into the network.  With approximately […]

Target Hack Prompts Many to Invest in Cyber Insurance

Many companies are taking advantage of cyber insurance to ease the blow of security breaches by hackers, according to The Wall Street Journal.

3 Reasons Why Data Breaches Will Continue

The storm of consumer-focused data breaches started off as intermittent downpours — Choicepoint, TJ Maxx, SONY, LinkedIn, Twitter, Adobe Systems — and is now a torrent: Target, Neiman Marcus, Kickstarter, White Lodging, the Sands Casino, and now everyone who’s attended or worked at the University of Maryland since 1998. In each case, hackers weren’t after […]

Two Years On, Lessons Learned From The PlayStation Data Breach

Data breaches happen with startling regularity, but they rarely occur on the scale of the 2011 Sony PlayStation breach. When hackers cracked open the PlayStation Network, 77 million users were affected-their passwords, credit card information, security answers, physical addresses and more were all in the hands of thieves. It was a nightmarish scenario for those users and for Sony, but it was much more than just a bad dream.

The results of the PlayStation breach are still playing out. In January 2013, the United Kingdom’s Information Commissioner’s Office (ICO) fined Sony nearly $400,000 for the hack. After the breach, companies saw just how important it was to keep their own systems secure; it’s estimated that the breach cost Sony $170 million. The company also faced lawsuits and government scrutiny from both the United States and United Kingdom, not to mention a major drop in its stock prices immediately following the incident.

No breach since has affected so many users, but breaches still continue to happen. Lessons learned in the aftermath may have helped in combating hacks and increasing security, but everyone needs to continually keep them in mind, and update those lessons.

• Companies-even tech companies-have to stay on their toes. Authorities within the ICO stated that the PlayStation hack was “preventable” and noted that a company like Sony, which is at the forefront of the technology industry, should have had the most up-to-date security system available. In Sony’s systems, credit card data was encrypted, but other personal information was not. While companies aren’t required to encrypt personal data, after the PlayStation hack, it became clear that doing so is a best practice. Data encryption software and solutions are continually evolving.

• Response time matters. The PlayStation hack happened some time between April 16 and 19, 2011, but Sony didn’t shut down the system until the 20th, and then waited to make an announcement about the breach until the 22nd. It wasn’t until April 26th that the company confirmed users’ data had been compromised. During that period, users were confused, nervous and angry at the company’s sparse communications. One of the key takeaways from the hack was that telling customers what’s going on is essential, not just from a customer service standpoint, but because most states have laws requiring disclosure of breaches.

While users can protect themselves with clever passwords and other identity theft protection methods, corporations should be equally concerned with protecting their users.

Find Out Which Companies Dropped the Security Baton

By Brian McGinley In the spirit of the Olympic Games under way this summer in London, we’ve opted to award gold, silver and bronze medals to companies and government institutions for their performance in the 2012 (In)Security Games. Find out which organizations experienced the thrill of a well-designed privacy plan and which ones endured the […]

Hilton Customers at Risk of ID Theft, Blogger Alleges

As a security consultant who travels up to 40 weeks a year, T. Robert Wyatt has spent his share of nights in Hilton hotels. In recent years, he has noticed problems with Hilton that extend far beyond unclean rooms or clogged shower drains. According to a lengthy recent blog post, Wyatt says that he has […]

The Next Osama bin Laden Already Has Your Social Security Number

A massive cyber attack on American infrastructure is the 21st-century equivalent of the neutron bomb. All buildings remain standing but systems inside them are rendered useless. Human beings aren’t killed on a large scale, but few, if any, are left standing either. And while this sounds pretty dire, it’s quite likely some segment of this […]

Game On: 12 Tips for Safer Online Gaming

By Matt Cullina, Identity Theft 911 Parents of gamers have likely caught wind of the hype surrounding two fall arrivals: Battlefield 3 (released Oct. 25) and Call of Duty: Modern Warfare 3 (out Nov. 8). These so-called shooter games are the latest installments to two established and—in the case of Call of Duty, wildly successful—video […]