Sony BMG Site Hack Exposes User Data
Sony has suffered yet another online attack that has exposed users' information, including their names, email addresses, and usernames.
As Sophos blog Naked Security initially reported, the Sony BMG Greece music site (SonyMusic.gr) was successfully hacked and the attackers later shared the data they recovered about the site's registered users, which was eventually posted in an online forum.
Hackers have repeatedly targeted Sony over the past several weeks. The company admitted earlier this month that attackers successfully breached its PlayStation Network and compromised the personal information of over 100 million users in what is likely the largest attack of its kind.
More hacks have ensued, with Sony subsdiary So-Net Entertainment Corp. revealing that hackers stole redeemable gift points and a security firm reporting that a phishing scam was being run off of Sony's Thailand server.
Naked Security's Chester Wisniewski points out that these breaches may continue as Sony has become a target for hackers. "As long as it is popular within the hacker community to expose Sony's flaws, we are likely to continue seeing successful attacks against them," he writes, adding, "While it's cruel to kick someone while they're down, when this is over, Sony may end up being one of the most secure web assets on the net."
Even as Sony has attempted to reassure its users and encourage people to return to its services, the company's executives had admitted that risks remain.
"It's a realization that we all had, that no system is 100 percent safe," said Kazuo Hirai, chairman of the board of directors. "This requires constant monitoring and constant vigilance."
Sony estimates that the company will lose some $3.2 billion in the fiscal year ending March 2011. It also noted that the PlayStation breach cost it around $170 million, with the money going to improve security, providing identify theft insurance to its users, and more.