Security experts advise PlayStation gamers to take precaution since their personal information is at risk following the hacking of Sony's PlayStation Network.
Phoenix Software CEO Simon Campbell-Young says online gamers, including the locally-based, are at risk of identity theft after hackers broke into the system and accessed the gamers' personal data.
“The minute someone has access to your personal information, they are able to use it, and they will use it. Most often, these details are sold on the black market to people who will use them to commit various kinds of fraud,” he says.
This incident, and others like it, Campbell-Young says, makes it blatantly evident that if a system is not adequately protected, users are going to run into trouble. “In most instances, a plain Internet security application is not enough.
“There is need to introduce anti-fraud products, catered specifically for this type of protection, running on top of one's existing Internet security or anti-virus to protect the ability of hackers to access personal details. It can encrypt the data provided to companies like Sony and Microsoft.”
Campbell-Young says it is fortunate that in SA there is increased awareness as these types of incidents happen more often, with bigger consequences.
Several vendors have been focusing in mobile device security and highlighted this area years ago. “Security attached to devices such as tablets and consoles is part of its product set because they are equally at risk,” he says.
At stake
In a statement, Brett Myroff, CEO of Sophos SA, says the fact that credit card details used on the network to buy games, movies and music may also have been stolen is very disturbing.
“If Sony loses your credit card information, it's no different from you losing your credit card - you should cancel that card immediately.”
He says questions have to be asked as to whether Sony was ignorant of payment card industry data security standards as well as storing this, and other personal data in an unencrypted format. “All in all, this is a PR and security disaster for Sony.”
According to Sophos, users should take immediate action to ensure their online identities are secure, and that fraudsters cannot take advantage of stolen credit card information.
Myroff says Sony PlayStation Network users need to act to minimise the chances that their identity and bank account are compromised following this hack.
“This means changing online passwords - especially if you use the same password on other sites - and considering whether it would be prudent to inform your bank that, as far as you're concerned, your credit card is now compromised.”
Panic control
In response to this intrusion, Sony says it has temporarily turned off PlayStation Network and Qriocity services.
“We have also engaged an outside, recognised security firm to conduct a full and complete investigation into what happened,” the company says in a statement.
It adds that it has also taken steps to enhance security and strengthen network infrastructure by re-building its system to provide greater protection of personal information.
For security, the company encourages users to be especially aware of e-mail, telephone, and postal mail scams that ask for personal or sensitive information.
“Sony will not contact you in any way, including by e-mail, asking for your credit card number, social security, tax identification or similar number or other personally identifiable information. If asked for this information, one can be confident Sony is not the entity asking,” it says.
When the PlayStation Network and Qriocity services are fully restored, the company recommends users log on and change their passwords.
Additionally, if they use PlayStation Network or Qriocity user name or password for other unrelated services or accounts, the company strongly recommends they change them as well.
Sony also warns that profile information such as purchase history and billing addresses, as well as 'secret answers' given to Sony for password security may also have been obtained.
The company admits it cannot rule out the possibility that credit card information may also have been compromised.
To protect against possible identity theft or other financial loss, Sony encourages users to remain vigilant to review their account statement and to monitor credit or similar types of reports.
Share