Thursday, April 28, 2011

Case PSN attention to your bank account

The first credit card fraud resulting from the breach of security servers and Playstation Network Qriocity prompted U.S. consumers to complain. It is recommended to monitor their account or to object to your card if you bought online content on your PS3. When we reported yesterday that Sony thought that the banking information of its customers were potentially compromised with the rest of personal data (see "PlayStation Network information is compromised), we were very careful to use the same level of conditional probability that Sony used in its press release.

The firm also still refuses to officially say if the banking information of its clients have been corrupted. Nevertheless, last weekend, many consumers have seen the information they had entered their PlayStation Network account or Qriocity be used for illegal purposes. In fact, since last Saturday, many casualties occur on the Internet and many financial institutions warn their customers of fraud with the information contained in databases from Sony.

For now, the damage appears to be limited to the United States, but Sony has already warned that its entire system was corrupt (77 million accounts) and that includes Europe and France. It is therefore recommended to be very careful. Sony refuses to comment, but a collective action has been commenced in the United States.

If one looks at the events that unfolded last week, we note that Sony could have protected its customers against this delay (see "The Way of the Cross for PlayStation Network"). Indeed, the pirate attack took place between 17 and 19 April 2011. Sony noticed it on 19 and unplugged their servers April 20th.

Instead of preventing its customers immediately, Sony expected April 27 to explain that it was a theft of personal data. Previously, the firm spoke only of an attack on its servers. If the firm had better news on the incident on Wednesday last, the work of hackers would have been much more difficult.

At this stage of development, Sony has a big problem. The brand says it was immediately engaged the services of a security expert from the discovery of the problem. Nevertheless, she still refuses to say whether the bank information of consumers have been corrupted, while the evidence seems overwhelming.

Whatever one thinks, that means eight days after the discovery of the fault, Sony still does not know officially the extent of damage, which leaves two possible solutions. Regardless, the incompetence of Sony or security expert is alarming is the Japanese refuse to communicate on this topic.

It does not have eight days to read the logs and determine the databases that have been stolen, copied or corrupted. Moreover, history has shown that transparency is the best defense. In the end, whatever the reasons, Sony has committed gross errors that have placed its clients in a situation of significant risk.

Security vulnerabilities are not new. This is not the first time a company is stealing the bank details of customers. The only answer that Sony has for the moment is that some services NHP Qriocity be returned to service within a week.

No comments:

Post a Comment