Okay, Sony, Time to Say “Sorry” for the PSN Breach
By Jared Newman | Thursday, April 28, 2011 at 12:13 pm
Maybe I’m just over-sensitive, but it strikes as odd — and maybe a little arrogant — that Sony hasn’t apologized for the Playstation Network breach that resulted in stolen passwords and personal information.
I’ve read all seven of Sony’s updates on the official Playstation Blog, and not a single “sorry” or “apologize” is uttered throughout. The most Sony can muster is this: “We sincerely regret any inconvenience or concern this outage has caused, and rest assured that we’re going to get the services back online as quickly as we can.”
Not good enough. I understand that, in a sense, Sony’s the victim too. Hackers infiltrated the Playstation Network, and now Sony has to deal with lost trust, lost sales and the inevitable class-action lawsuit, not to mention the time and resources required to rebuild PSN with better security. But that doesn’t mean Sony shares none of the blame for what happened. Users trusted Sony with a treasure trove of personal data, and Sony failed to protect it. That merits an apology.
Think of it this way: If I let you stay in my house, and you leave the doors unlocked, and someone waltzes in and steals all my valuables, you’re partly at fault. At the very least, I’d expect you to say you’re sorry for what happened.
I expect the same from Sony for letting hackers walk away with the names, e-mails, addresses, birthdates and passwords of 70 million users. Apologizing wasn’t so hard for Alliance Data, parent company of Epsilon, when hackers stole millions of names and e-mail addresses in a security breach last month. It shouldn’t be hard for Sony. A little respect for customers goes a long way.
16 Comments
Read more:
16 Comments For This Post
April 28th, 2011 at 12:18 pm
And Google needs to answer the tracking issue too.
April 28th, 2011 at 12:59 pm
Sorry for what, they got hacked, yea. they did not leave the door open fool, for the hackers to come in.. Your a dope! Its more like they Broke in with a crowbar. Glad i'm not your friend.
April 28th, 2011 at 1:11 pm
You're right. PSN was an impenetrable fortress and there was nothing that could have been done. Encrypting passwords? Out of the question.
April 28th, 2011 at 4:19 pm
Couldn't have responded better myself. There is NO FAULT on PSN users at all. The fault is on Sony and its crappy protection of sensitive data.
April 28th, 2011 at 2:03 pm
Ahhh! they stated they had security in place.. Duh! No corp. bussiness would risk that.. Come-on….. Really,…..Really! So you believe they had no type of security in place.
April 28th, 2011 at 2:55 pm
Ah, so it's a black and white issue. Security or no security. No room for varying degrees of effectiveness. Thanks for clarifying that.
April 28th, 2011 at 2:54 pm
I thought about that. On the other hand, an apology was not a problem for Epsilon, which went through a similar breach a month ago. INALB I'd think that if a court was deciding on culpability, there'd be many more important factors in the decision than whether Sony said "sorry."
April 28th, 2011 at 6:49 pm
I am not trying to say that it would be “the” factor in determining guilt, it would just be “a” factor. Sony has the problem of being a multi-billion dollar company and it has to balance that idea with the heavy corporate pressure to not give any impression that they are at guilt.
I have no doubt that several employees at Sony feel real bad about this, but at the same time, they are not about to be the ones that could tip the scale, or even make their company look bad. It is all about what Sony thinks. I have no doubt that they are making sure that they don’t have any whisper of admission since in their minds, they might as will settle. They already were forced to settle on one issue not long ago, they aren’t going make it any easier in another suit.
April 28th, 2011 at 3:06 pm
I understand the sentiment, but they're likely not saying sorry because from a legal standpoint, that would be too close to admitting fault in the matter. Let's not forget that they are a huge company with a lot to lose. Sure you and I may have been put at risk, but weigh that against a multi-billion dollar international company admitting that they were responsible for the theft of 77 million people's personal info. NOT smart for them. I think this is the best they can do right now, considering the circumstances.
April 28th, 2011 at 3:47 pm
Their hacking on the PSN gave a brief statement what most are, Thief's!
Just because a web site get's fractured, from hackers ! Yes, It's Black and White.
Like the rest of the evoking pity misfits that fine tune the PSN's dramatic situation , just hoping to pick up coins that can be shaken off the money tree.
Perception is everything.
It's like playing a cheap level in a game. You don't want to, but you have to.
April 28th, 2011 at 4:32 pm
So…hackers now have the Names, Addresses, E-mail, and Birthdays of 70 odd million people.
…I don't see the issue here. Credit Card information, yes, I can understand that. But what I keep hearing brought up again and again almost more so than the credit cards is the "personal information" not being encrypted. So what if hackers know your birthday? What the hell are they gonna do with this information? Send me an EVIL postcard? Seriously, someone explain to me why I should be upset about this. NOT the credit card thing, I already canceled mine. But the personal info. I'm seriously asking, I want to know.
April 28th, 2011 at 5:32 pm
Passwords too. That opens the door to e-mail hacking, and from there, the risk gets bigger. An attacker could potentially use e-mail access to change the password on a bank account.
If you're on top of these things, it's an inconvenience — I had to change my passwords for several other services — but if not, you're at risk for much worse than an evil postcard. (Which, by the way, isn't totally innocuous. A person who knows your name, address, birthdate and profile information could draw up a pretty convincing phishing attempt.)
The bottom line is that if you're a savvy Internet user, you'll be smart enough to stave off any possible effects. But the theft of all this information is by no means harmless to all 70 million PSN users.
April 28th, 2011 at 11:43 pm
They also got answers to "security questions", e.g. mother's maiden name, city of birth, etc. You can change your password, but you can't change the year you graduated high school, or the name of your first pet. This information could be used in spear-phishing attacks, or for other nefarious purposes.
Setting aside the security questions issue, of the 70 million whose accounts were compromised, how many do you expect use the same usernames and passwords to do their online banking, email, shopping, etc.? 5 million? 10 million? Who knows, maybe 30 million!
Will anything ACTUALLY happen to millions of users as a result of this data breach? Probably not. It's probably just a "grey hat" trying to make Sony look like a bunch of idiots (which they are, evidently). But what COULD happen, and why SHOULD you care? A TON of bad stuff could happen, if the hackers were really interested in exploiting this data.
April 28th, 2011 at 4:44 pm
Because people are not smart enough to know when a hacker could concoct a convincing enough phishing scheme to scam users out of countless other information.
Its less information than you could dig out of most amercan garbage cans.
I just leveled up. Now I have the amulet of truth.
I am one of the PSN users. I have changed all my email passwords. You should too!
April 29th, 2011 at 2:16 am
They just released nothing but vague excuses about the downtime/hacking incident.
April 29th, 2011 at 8:13 pm
ever heard of identity theft?