blog.brandprotect.com

Sony Playstation Network hacked! Are you afraid of identity theft?

Sony Playstation users expressed shock on April 26th as Sony Playstation Network and Qriocity went public and announced a data breach that affected an alarming 70 million customers.  Although in distress, gamers are taking this opportunity to step outside of their homes and head out for some vitamin D.

Between April 17th to 19th hackers gained access to personal information such as: name, address, email address, date of birth, Playstation Network/Qriocity login name and passwords and online ID’s, in addition to security questions and purchase history logs. In light of this breach, users are being warned to keep an eye out for phishing sites and to monitor their credit card transactions. Everyone is appalled by the very fact that Playstation waited 6 days to inform its users. This lack of notice has many security experts, privacy right advocates and U.S. Senator Richard Blumenthal dissatisfied with Playstations’ action plan in informing it’s users of a major security breach. The Senator stated in a note to the company   “When a data breach occurs, it is essential that customers be immediately notified about whether and to what extent their personal and financial information has been compromised."

Security news networks and the media are firing back at Sony and highlighting how poorly they handled communicating this information to their users. It has raised many questions and has played a huge role in regards to the reputation of their brand.

What does the Playstation hack mean for you?

Well, the good news is that Sony did not have users Social Security Numbers, which could have caused more damage. I am sure all Playstation users are worried about identity theft and the safety of their credit card information. Here is a list of things you should be aware of:

• Watch out for phishing scams; perpetrators have sensitive login details and I am sure they are already working on launching a phishing scam which could easily look like Sony “purporting to restore your password.” Be alert. Do not provide any sensitive information.
• Change your passwords; I know most people use the same password for everything. I change my passwords every 3 months. If you have a hard time coming up with a strong password here’s a blog post we wrote to help you choose a different password that is easy to remember:
  http://blog.brandprotect.com/Blog/bid/20106/Password-Security-sing-a-song-save-some-stress
• Many of you may also use Xbox live and have the same password. Change all passwords. According to Microsoft, users may receive potential phishing attempts via title specific  messaging while playing Modern Combat 2.
• Change your security questions; if possible create your own questions. You should be the only person who can answer these and the answer doesn’t always have to be the truth.
• Monitor and audit your credit card transactions. Should you cancel your card? Well Sophos has a good point: “If my friend said he’s borrowing my credit card and might have lost it, I’d cancel my card and (perhaps) dump my friend”.

The importance of Online Brand Protection and protecting the reputation of your company.

A security breach such as the one discussed above can absolutely tarnish your brand, reputation and customer loyalty. A swift and rapid action plan is crucial to your reputation. Take care of customer data; invest in a good mitigation plan. Evidently we learnt from the Sony breach that informing your users as soon as possible should be a priority. Don’t be afraid and wait several days to inform your customers, as you know every action you take as a corporation will be criticized by the media and your competitors. Before it gets worse, take immediate action.

Each day the Sony network remains down, gamers will probably move on to Xbox or Nintendo Wii. It’s going to take time for Sony to repair its reputation. Sony’s communication team definitely has some damage control to unfold.

Be one step ahead!  Before the media and competitors get more vocal, understand the risk, invest in a mitigation plan and protect your company and customers.