Analysis: What's so special about Sony's massive data breach?

Thu Apr 28, 2011 4:14pm EDT
 

By Jim Finkle

BOSTON (Reuters) - The hacking of Sony Corp's PlayStation Network has earned a place in the annals of Internet crime.

That's partly because of the massive size of the data breach -- information about 77 million customer accounts was stolen. It is also because Sony bothered to disclose the attack at all.

The bulk of attacks on corporate and governmental computer networks go unreported because victims want to avoid the embarrassment and public scrutiny that come with acknowledging that their systems have been hacked.

Companies fear that their stock price might take a hit or that their brand might be damaged after news of an intrusion, said Jerry Dixon, a former government official who was instrumental in setting up the U.S. government's crime-fighting Computer Emergency Readiness Team.

"Everybody's network is getting hammered all the time," said Dixon, director of analysis at Team Cymru, a non-profit security research group.

Sony shut down the network on April 19 after discovering the breach, one of the biggest online data infiltrations ever. But it was not until Tuesday that the company said the system had been hacked and that users' data could have been stolen.

In the United States, several members of Congress seized on the breach, in which hackers stole names, addresses and possibly credit card details. One U.S. law firm filed a lawsuit in California on behalf of consumers.

Democratic Senator Richard Blumenthal of Connecticut called on the Justice Department to investigate the matter.   Continued...

 
<p>A man walks on a floor advertisement for Sony Corp's PlayStation 3 game console at an electronic store in Tokyo April 27, 2011. REUTERS/Yuriko Nakao</p>