Sony has shut down its PlayStation Network indefinitely after a "massive data breach" in which an unknown hacker gained access to names, addresses, passwords, and other personal information for 77 million user accounts. The electronics giant is warning that it "cannot rule out the possibility" that credit card information was stolen as well, though there is no evidence of that yet. Gamers are frustrated by the prolonged outage, and the incident — one of the largest data breaches ever — has become "a major black eye" for Sony. Here, four mistakes Sony made:
1. Sony started a "ridiculous" fight with hackers
"Sony has no one to blame but themselves," says Paul Tassi in Forbes. The company "started a war" with hackers when it took away the ability to install other operating systems on PlayStation machines. This attack can't be condoned, but "Sony absolutely kicked a hornets nest that should have been left well enough alone."
2. Sony was "negligent" about security
It's "shocking" that users' secrets were so easily available to hackers, says Sebastian Anthony at ExtremeTech. Why in the world were those passwords, email addresses, and other personal details "stored in unencrypted form?" It looks like Sony ignored "industry-accepted procedures" for security, says Ben Rooney at The Wall Street Journal. If that's the case, the company's management looks "stupid" and "grossly negligent," says Erik Sherman at BNET. And now, "it's only a matter of time before someone files a class-action lawsuit," says Evan Narcisse in TIME.
3. The company was slow to disclose the problem
Sony learned about the hack on April 19, and shut down the network the following day — without alerting the public to the security problem. The company brought in outside experts to investigate and, on its official PlayStation blog, says "it took our experts until yesterday to understand the scope of the breach." Even now, after some details are out, Sony continues to be "less than forthcoming," says Rory Cellan-Jones at BBC News. Millions of users are questioning what caused the breach, what personal details have been compromised, and when exactly the network will be back online. Sony should satisfy their curiosity.
4. And Sony cast doubt on the cloud's safety
Many tech companies are moving to cloud-based services, in which data is stored on a network and accessible from any internet-connected device. So this breach is "worrying for any business trying to persuade consumers that the 'cloud' is a safe place to store valuable content or personal data," says Cellan-Jones at BBC News. These cloud services "represent the juiciest imaginable hacking target," says Anthony at ExtremeTech, and if a leader like Sony can be hacked, "we can only hope that other companies are watching and learning from its mistakes."
Sources: BBC News, BNET, ExtremeTech, Forbes, GameSpy, PCWorld, Reuters, TIME, Wall Street Journal
THE WEEK'S AUDIOPHILE PODCASTS: LISTEN SMARTER
- The 11 worst fast food restaurants in America
- 7 things the world's happiest people do every day
- 7 grammar rules you really should pay attention to
- Why are so many parents being arrested?
- Why America is duty bound to help Iraqi Christians
- 9 things you probably didn't know about the moon
- What would a U.S.-Russia war look like?
- What if The Purge was real?
- The biggest lesson Obama failed to learn from Bush
- Israel has only two choices: Eliminate the Palestinians or make peace
Subscribe to the Week