Sony is now releasing customer data to hackers on a daily basis – the company has suffered two additional hacks in short order.
Following on from its Sony BMG Greece leak, Sony Music Japan was subject to a successful SQL injection hack laying open several databases to all comers – fortunately, it seems the databases did not contain much in the way of sensitive information.
The next hack was more serious – a Canadian ecommerce site run by Sony Ericsson was hacked with the loss of all data to hackers. The database made public contained names, email addresses and password hashes, though the hacker responsible claims to be in possession of credit card data and phone numbers, amongst other information. The site was taken down by Sony Ericsson soon after.
As if all this were not bad enough, the Japanese government has apparently still not allowed PSN service to resume after having expressed concern about deficient security; Sony’s May 25th date for Japanese PSN restoration came and went without restoration of service.
The spate of successful attacks can reasonably be attributed to lacklustre security on the part of Sony and its various group companies, but it certainly appears (not least from the gloating messages left by hackers to this effect) that the sustained interest in humiliating Sony is the direct result of its (to hackers at least) excessively aggressive pursuit of PS3 hackers.
Indeed, whatever losses were sustained to piracy on the PS3 have undoubtedly been dwarfed by the losses Sony has now sustained from hacking – billions of dollars have been knocked from its market capitalisation, its brand lies in ruins, and it may face billions of dollars in litigation.