Sony screwed up bad.
They screwed up really bad, but did they screw up enough to warrant federal legislation, and a class action lawsuit? I’m not so sure, but when something big, bad and newsworthy happens you can always count on an ambitious lawmaker to beg for attention, and for a small army of lawyers to get erections at the thought of filing a lawsuit.
As I mentioned in earlier posts, I have boycotted Sony for months because of their lawsuit against Geohotz, and their company policies that led to said suit. That being said, I still think the media, legislative, and legal frenzy surrounding this circus is a bit much. Here’s what you need to know:
What did the hackers steal?
They basically hijacked everything Sony had on the PlayStation Network. This includes:
- Birth dates
- Home addresses
- Password retrieval question answers (ex. “What’s your mother’s maiden name?”)
- And probably a slew of data about the games you play and things you’ve downloaded from the PlayStation Network
While the hackers did steal credit card information, all of that information is encrypted.
That means that the credit card data should be safe, and unusable.
I have a Playstation Network account, what should I do?
Most of the the stolen information is the kind of stuff that is uncoverable through thorough Google and Facebook stalking… except for the passwords.
If you have a PSN account, and you used the same password from your PSN account in other places, you need to start changing your passwords.
Typically web services that require a password protect that password by passing the text through something called a hashing algorithm before storing them. Hashing turns your password into a unique string of characters, and the process cannot be reversed. Sony failed to hash their users passwords, leaving them vulnerable.
What Sony did was boldly stupid. I can’t even begin to imagine how a tech company to stored millions of customer passwords unhashed, but they did it… And that may warrant a lawsuit.
A PlayStation is a computer, so you still need to practice safe computing while you’re on it. Change your passwords, and while you’re at it, don’t use the same one over and over again.