Welcome to a laptop battery specialist of the Sony laptop battery
Sony's great big data leak could go down in history as the company's messiest mess of all time -- even worse than the CD rootkit disaster.
Last week, we learned that hackers had broken into Sony's PlayStation Network and made off with a bunch of user data. Names, passwords and birth dates were definitely leaked, and Sony wasn't able to guarantee people's credit card numbers were safe either.
That's what we were told a week after the break-in, and in the meantime, lots of customers' credit card numbers may have been in the hands of crooks. Since then, the plot has thickened further.
Even though Sony with battery such as Sony VGP-BPL2 battery , Sony VGP-BPS2 battery , Sony VGP-BPS3 battery , Sony VGP-BPS5 battery , Sony VGP-BPS8 battery , Sony VGP-BPS9 battery , Sony PCG-R505 battery , Sony PCG-V505 battery , Sony PCG-Z505 battery , Sony VGN-T90S battery , Sony VGN-T16GP battery initially said users' credit card data had been encrypted, security researchers have reported hearing chatter about a list of PSN users' credit card numbers being shopped around through criminal underground channels for somewhere in the neighborhood of US$100,000. Sounds like someone's trying to cash in on a raid.
Sony's recommended that users keep a close eye on their card statements and credit reports. But for users who really want to be safe, you might want to also treat it like you know the card's been stolen. Call it in and ask for a new card with a new number, then shred the old one. Banks probably don't like that advice -- if everyone on PSN was to take that step, it's estimated the collective costs to issuers of replacing all those cards could be upwards of $300 million. Then again, what does it cost to deal with a massive influx of fraudulent transaction complaints?
Later, it was announced that, counter to the company's initial assessment, another part of Sony's system -- Sony Online Entertainment -- had also been broken into as part of the original hack attack. Same kind of info was stolen: name, full address, email, gender, birth date, phone number, user name, etc. In all, we could be looking at a breach of more than 100 million accounts, and nobody at Sony seems to be sure exactly what's missing from where.
The company even snubbed an invitation to explain itself in person at a U.S. House subcommittee hearing on data theft Wednesday. Granted, it probably wouldn't have been a very pleasant exchange if Sony had shown up, but its absence apparently didn't prevent congresspeople and other witnesses from unloading on the company. The chair, California Rep. Mary Bono Mack, burned Sony for not notifying customers about the intrusion immediately. When it did break the news, it did so on a company blog, which she said put the burden of finding out about the problem on the customers themselves. "Not gonna fly" is how she put it.
On top of that, an expert witness said Sony's security system was weak and that the company was well aware of that fact for months.
Sony hasn't completely ignored the dirty looks it's been getting from Washington. It wrote a letter to Congress explaining its side of the story and defending the way in which it disclosed information to users. It said it didn't want to cause confusion by dribbling out a bunch of unconfirmed or incomplete info hour by hour. So instead, it waited until it had a full and verified story to tell before going public.
Sony also explained that one of the reasons its security system was off the ball at the time of the attack was because it had recently been targeted by the hacktivist group Anonymous in retaliation for the company's lawsuit against hacker George Hotz. According to Sony, Anonymous' denial-of-service attack was so distracting that malicious hackers were able to sneak in through the back door. Sony didn't directly implicate Anonymous for the theft itself, but it did note that it found a file left by the thieves on one of its servers that contained the text "We are legion," which is an Anonymous battle cry.
Anonymous has denied having any part in the theft, and usually the group very proudly claims responsibility for the activities it does engage in, so at this point it doesn't smell like an Anonymous stunt. On the other hand, Anonymous is by nature very decentralized, so it's hard to say that any proclamation attributed to the group is the official party line. And who knows, maybe the people that really stole the data actually consider themselves part of Anonymous, regardless of whether the rest of Anonymous likes that or not.