E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Professional Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by:
Bennett Gold LLP, Chartered Professional Accountants

Effective December 31 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering notable e-commerce news articles from the period 1999 to 2012.


Source: TheStar.com

Posted on April 27, 2011

Sony PlayStation Network users, including more than 1 million in Canada, should cancel their credit cards to avoid having their credit information compromised, a leading Internet security expert warns.

"The implications of the hack are only now becoming clear," Graham Cluley said Wednesday╩on his Sophos.com╩site. "If I lost my credit card in the back of a taxi, I would cancel my card. If Sony has lost your credit card details, then it's worse."

"This security breach is not just a public relations disaster for Sony, it's a very real danger for its many users," Cluley said.

"This is like hacking the Pentagon," Canadian gaming expert Shaun Conlin told the Star. "The losses are going to be in the billions." Developers, users and game publishers will all be seeking compensation, he said.

Sony Corp. admitted Tuesday afternoon it couldn't rule out the possibility the credit card information of its 77 million users had been compromised.

Sony's days-long delay before explaining the scope of the hacker attack infuriated users and raised questions about the company's public relations skills. "Sony has never been very good at being frank," said Conlin. "They probably thought they had it under control." Still, he said, "it's not like they're couching the truth."

As message boards exploded in anger and mystification, Sony communications director Patrick Seybold tried to explain the delays. "There's a difference in timing between when we identified there was an intrusion and when we learned of consumers' data being compromised," he╩posted in the PlayStation blog. "We learned there was an intrusion April 19th and subsequently shut the services down."

After several days of forensic analysis, he said, "it took our experts until (Monday) to understand the scope of the breach. We announced it publicly (Tuesday) afternoon. "We have a clear path to have PlayStation Network and Qriocity systems back online, and expect to restore some services within a week," Seybold said.

Hackers have been able to glean users' names, addresses, email addresses, dates of birth, password, login and online identification.

PlayStation advised its U.S. customers how and where to get a free credit report and how to register a "fraud alert" on their cards.

PlayStation Canada spokeswoman Ashley Beaulac said Wednesday morning Canadian users would be advised on credit reports shortly. She did say more than 70 per cent of PlayStation 3 users connect to the PlayStation Network.

Credit card numbers are small change in the international hacking world, Wall Street Journal tech reporter Ben Rooney reported. Credit card numbers on their own currently trade for as little as 5 cents to 12 cents on the black market, but complete data allow highly targeted attacks against individuals? This sort of data commands much higher prices."

Security expert Cluley explained that the Sony data trove could be used to:
• break into your other online accounts, because people use the same passwords;
• email you scams and malware attacks; and
• hit you in the wallet, if credit card details are stolen.

People in 59 nations use the PlayStation network. Of the 77 million user accounts, about 36 million are in North and South America, including more than 1 million in Canada. Another 32 million are in Europe and 9 million in Asia, mostly in Japan.

"There is going to be a natural distrust of Sony for this system's lifecyle," said Conlin. "This is the only system that has been hacked so thoroughly, so it is going to tarnish the Sony name, for sure."

If the intruder successfully stole credit card data, the heist would rank among the biggest known thefts of financial data, Associated Press reported.

Recent major hacks included some 130 million card numbers stolen from payment processor Heartland Payment Systems. As many as 100 million accounts were lifted in a break-in at TJX Cos., the chain that owns discount retailers T.J. Maxx and Marshalls, and some 4.2 million card numbers were stolen from East Coast grocery chain Hannaford Bros. Those attacks allegedly involved a single person: Albert Gonzalez, a Miami hacker who was sentenced last year to 20 years in prison for the attacks.

The╩Ponemon Institute, a data-security research firm, estimated that the cost of a data breach involving a malicious or criminal act averaged $318 per compromised record in 2010, up 48 per cent from the year earlier.

CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

Final Entries

LINK TO: Bennett Gold, Chartered Professional Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Privacy Breaches.

Get WebTrust
Working For
Your Site.