| Mail |
You might also like: WoW Insider, Joystiq, and more

Reader Comments (56)

Posted: May 5th 2011 5:05PM edgecrusherO0 said

  • 2 hearts
  • Report
I'm not defending Sony here, but I like how everyone claiming that they had zero security measures in place simply says it. They don't say how they know it, they just know it.

It's likely that their security was lackluster, but I don't think there has been any hard evidence to support that. And if they really did have piss poor security, they deserve to be slammed. A company that big, handling that much personal data being hacked happens. But if it happened because of poor security, that's inexcusable.

Posted: May 5th 2011 5:17PM (Unverified) said

  • 2 hearts
  • Report
@edgecrusherO0 Dont you think it would do SOE alot more if they had announced they had good / great security in place instead of just being quiet about it? I bet if they did have atleast a moderate level of security in place they would be talking all about it, to help downplay the issue instead of holding there breath an not saying a single thing for the most part.

As far as security goes.. There is no excuss for bad security. Regardless how your website or software interacts with the databases / storage. If you software and website is coded in such a way that it leaves open holes and prevents you from preforming critical updates, then its YOUR fault still. Its YOUR software and website.

When you are storing and holding MILLIONS of peoples information and important credit card information then yes it should be your highest priority to protect that information at any cost.

If they could provide that level of security then they truly need to higher a third party that focuses on handling that information with the best security they can.

Out of the billions that Sony has and SOE has access to there is simply NO excuss for not having the staff to keep security tight and/or atleast at a secure state.
Reply

Posted: May 5th 2011 5:22PM watchawatch said

  • 2 hearts
  • Report
@edgecrusherO0
http://www.msnbc.msn.com/id/21134540/vp/42887823#42887823
There you go...evidence. They knew they were using outdated software and it wasn't even patched to be up to date.

So yeah - proof. Testimony before congress. Proof. Meaning facts. Meaning they KNOW it.
Reply

Posted: May 5th 2011 5:20PM (Unverified) said

  • 2 hearts
  • Report
I agree with @aurickle and friend because in the real world upgrading to the latest patch 'breaks things' that were NOT broken along the way of correcting things that were broken. So there is usually a lag between release of a patch and installation. That lag is supposedly used to test whether the new patch breaks something you depend on.

In MMO terms, when the new content release comes out, how many times is there some unexpected issue that breaks your favorite power/skill/equipment. Or nerfs things, or suddenly your power build that plowed through the mobs now kills your own party instead.

Those same sorts of issues on a business scale causes 10's of thousands of names and credit card numbers to get out, or your personal health history is dumped onto wikileaks. Even minor 'bugs' that drop Joey Smith's SSN number onto a website by mistake will cost the company a large fine. Multiply that by 100's or 1000's and you have major cost. So companies err on the side of caution. Err too much on the side of caution, and some hacker gets through the holes the patches were meant to fix and BOOM, you are before congress.

Now, if it is proved that Sony or it's contracted outsourced vendor for it's IT and security or network failed to patch known holes merely because of incompetence or outright malfeasance... then SONY -and- said contractors will need to PAY and heads need to roll (not literally, just jobs lost and things put to rights).

Meanwhile, what about the lifetime subscribers to things like DC Online? All they get is the 'hat'. The extra subscription time is meaningless. But then, lifetime subscribers often get the short end of the stick where 'loss of service' or other recompense is concerned.

Posted: May 5th 2011 5:23PM Seffrid said

  • 2.5 hearts
  • Report
As you sow, so shall you reap.

Sony have treated their customers with contempt for a very long time, especially in relation to the SOE playerbase, and when something like this happens it is not really that surprising that there's a marked lack of sympathy for the company.

If it should turn out that their security arrangements were - to their own knowledge - inadequate, and especially in the event of customers actually being hurt by this breach beyond simply a few days downtime, then the company could well be brought down by the magnitude of the financial penalties applied to it as well as by the victory it would be handing to their console competitors as no-one would be willing to place their trust in the company again.

I feel very sorry for the real people at Sony, the workers who toil endless hours with little recognition beyond the usual trolled insults on the forums, and for whom the future looks very uncertain. They certainly don't deserve this any more than the customers do, and I hope it gets resolved quickly.

Meanwhile the real contempt is for those who exploit such security weaknesses for no more than either criminal gain or anarchist propaganda.

Posted: May 5th 2011 6:48PM Yellowdancer said

  • 2 hearts
  • Report
Just to note...this guy is talking about the PSN. He doesn't mention SOE at all. They probably hopped from PSN's server to SOE's.

Posted: May 5th 2011 8:29PM jpkustra said

  • 2 hearts
  • Report
Unlike the mask they are giving you, SOE cannot protect your identity.

Posted: May 5th 2011 8:39PM eyeball2452 said

  • 2 hearts
  • Report
People are really surprised at the scuminess of Sony? I thought they had already destroyed their brand equity years ago.

If if makes the Sony fanboys feel better, I don't think anymore highly of EA or Activision either.

Posted: May 5th 2011 9:40PM (Unverified) said

  • 2 hearts
  • Report
Seppuku anyone?

Posted: May 5th 2011 10:35PM Yellowdancer said

  • 2 hearts
  • Report
I thought this was odd...posted on Cnet. Apparently the hackers have been saying they will attack again. How reliable is Cnet?

http://news.cnet.com/8301-31021_3-20060227-260.html?ttag=fbw

Posted: May 5th 2011 11:50PM smg77 said

  • 2 hearts
  • Report
Hopefully this whole thing ends up with Smedley doing a perp walk.

Posted: May 6th 2011 12:01AM jestman said

  • 2 hearts
  • Report
Way to post sensational articles without the full specifics.

The quotes are taken a bit out of context as Spafford was speaking what he had seen discussed on forums, making those juicy quotes hearsay at best.

Spafford says, "I have no information about what protections they had in place, although some
news reports indicate that Sony was running software that was badly out of date, and had
been warned about that risk."

Transcript: http://republicans.energycommerce.house.gov/Media/file/Hearings/CTCP/050411/Spafford.pdf

Posted: May 6th 2011 12:15AM EgoPoisoning said

  • 2 hearts
  • Report
Was bad enough when I had to cancel my cards, which I did mostly as a precaution.

Just found out earlier this week that my parents got jacked. My poor dad has a PS3 to watch Netflix and ended up financing some random dude's gas purchases out in Georgia.

Posted: May 6th 2011 1:32AM DiscordSK said

  • 2 hearts
  • Report
I can't help but draw comparisons between this, and the Ford "Fireball" Pinto. In both cases we are learning after the fact that the cost of fixing the problem before it actually became a problem was considered too high when they could just pretend it didn't exist, the chances of anything actually going wrong being deemed minor and they could just pay a small settlement afterwards, eg. a shiney new helmet!

It also seems, that this time like with Ford decades earlier that strategy isn't working out so well for them.

Posted: May 6th 2011 1:44AM Elikal said

  • 2 hearts
  • Report
Ouch. It really seems to get ugly now.

Posted: May 6th 2011 10:42AM OWC said

  • 2 hearts
  • Report
Someone need a kick in the balls for all of this!

Gary
web-oxfordshire.co.uk

Featured Stories

The Stream Team: Where the WildStar things are

Posted on Aug 23rd 2014 1:00PM

WRUP: Limited-time reunion show edition

Posted on Aug 23rd 2014 10:00AM

Engadget

Engadget

Joystiq

Joystiq

WoW Insider

WoW

TUAW

TUAW