Friday, 29 April 2011

Thoughts on the PSN Security Breach

If, like myself, you own a PlayStation3 then it is more likely than not that you are on the PSN Network. Having seen what has happened in the last week, like me, you might be somewhat displeased with what has occurred.

To summarise Sony's own posts on the matter they experienced an intrusion into the PSN network between the 17th and 19th of April. Then on the 26th of April they informed us that there had been a loss of personal data, including user's addresses, passwords and possibly credit card information. Seemingly it appears that passwords and credit card information was stored in an unencrypted fashion.

When I look through comments on Sony's official blog I am amazed by two things. Firstly, some people's first concern seems to be when the network will be back up and running. Secondly some people are surprised that people are upset with Sony. If a network is unsecured they cannot possibly reopen it as yet, and if that unsecured network has critical unencrypted data on it then I think people have a right to be upset.

Personally I am amazed that Sony did not at least encrypt passwords and credit card information. Looking into encrypting these details is not difficult. I am not careless with my own data and security details and I am personally appalled that a company the size of Sony should be careless with this in this manner. It is an astonishing abuse of trust in my opinion.

At this point in blog comments someone will say that the hackers are to blame. I don't think they're angels in this, but the responsibility to at least encrypt data starts and ends with Sony.

When the network comes back up will I stop playing on it? In all likelihood no, but I'll not put credit card details on the system again. It has also prompted me to carry out a further password audit on every account I have on every site and service I have on the internet. Unfortunately it seems that my details are not safe with anyone, and that if other companies will not take responsibility for it then I have to do my utmost to protect myself, and by association, my family.