Last week, SEGA announced that hackers had stolen personal information — including passwords, email addresses, and dates of birth — on 1.29 million of its SEGA Pass service users. The security breach came less than two months after the Sony Playstation Network was hacked, and after similar cases with video-game publishers Nintendo, Bethesda, Codemasters, and Epic. Why does this keep happening? Here, four theories:
1. Lack of encryption
While SEGA kept financial details about its customers on a separate, more secure server, it didn't encrypt basic information, says Ghacks.net. That was how Sony got hacked, too. Unencrypted information is "easily stealable." The lesson from this "appalling mess" is that consumers should be more careful about what information they share, companies should limit the details they require, and the government should demand that all personal information be encrypted.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
SUBSCRIBE & SAVE
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
2. The rise of "hacktivist groups"
Latest Videos From The Week
This cyberattack revival is mostly about humiliating these companies, says Byron Acohido at USA Today. One hacker group, LulzSec, has absolved itself of involvement in the SEGA breach, but claimed responsibility for hacks of Sony, PBS, and even the U.S. Senate's website. Like the "renowned hacktivist group" Anonymous, LulzSec is out to expose security flaws and embarrass giant companies, out of "resentment" over the idea that "corporations own the internet."
3. The password problem
The problem goes far beyond video-game sites, says Mat Honan at Gizmodo, because "you know" these customers use their stolen passwords to log in elsewhere, too. "Because people are stupid." With an automated tool to crosscheck login info across multiple websites, the hackers would be "unstoppable." To protect identities, "pain in the ass" security measures must be put in place, things like Google's two factor authentication and biometric logins. More than anything, "it's time to abandon the password."
4. Actually, this has been happening for a long time
"There is no real outbreak of hacking," says John C. Dvorak at PC Mag. The "hacking scene" has been going on for decades. It just wasn't until bold-faced names like Sony were attacked that "the media perked up." Now that people are treating this as big news, "not a day goes by" without a hacking story.
