Just when it seemed the reputation of Japanese industry for leaking things could get no worse, Sony’s loss of as many as 75 million PSN accounts has seen a new and most unwelcome record set, one for which irate consumers and even a US senator are demanding answers for.
US Senator Richard Blumenthal has already written a letter to Sony demanding an explanation as to why Sony tarried in announcing the full scale of the compromise:
I am writing regarding a recent data breach of Sony’s PlayStation Network service. I am troubled by the failure of Sony to immediately notify affected customers of the breach and to extend adequate financial data security protections.
A breach of such a widely used service immediately raises concerns of data privacy, identity theft, and other misuse of sensitive personal and financial data, such as names, email addresses, and credit and debit card information.
I am concerned that PlayStation Network users’ personal and financial information may have been inappropriately accessed by a third party.
Compounding this concern is the troubling lack of notification from Sony about the nature of the data breach.
Although the breach occurred nearly a week ago, Sony has not notified customers of the intrusion, or provided information that is vital to allowing individuals to protect themselves from identity theft, such as informing users whether their personal or financial information may have been compromised. Nor has Sony specified how it intends to protect these consumers.
Sony’s handling of the breach may well have violated data protection laws in any number of countries, to say nothing of the lawsuits Sony can now expect, so this may be the tip of the iceberg – little wonder Sony stocks took a modest tumble after the announcement.
No self-respecting Japanese politician would ever be so useful as to publicly demand answers from a misbehaving company, but the Japanese themselves are clearly just as exasperated as everyone else is:
“What have they done!”
“They waited that long to announce it? They just wanted to hold it up till after they announced their tablet. What total scum.”
“Sony is finished!”
“I just had to cancel my card. Fuck you, Sony.”
“The PSN wasn’t just for consoles, it was the basis of their whole corporate strategy… the damage is really huge.”
“They wanted to merge all their products into the PSN… after this they’ll never manage it.”
“Waiting a week to reveal this is just inexcusable.”
“What kind of idiot would give them their card details in the first place?”
“Everyone does that!”
“And they were recording the security number too as I recall… we’re all screwed.”
“Thank god I used a point card instead!”
“Even if you didn’t lose your CC details, the fact that they leaked your whole purchase history is bad enough.”
“They can’t reissue your date of birth…”
“I cancelled my card. I’ll never register it with anyone again. You don’t know when this sort of thing could happen to them. Well, I hope the PS3 survives all the same.”
“Why are these companies so obsessively secretive?”
“After the quake, reactor leak and now the world’s worst data leak, just what is happening to Japan?”
“This is the online equivalent of the great quake.”
“Sony are complete imbeciles if they really let something like this happen.”
“Didn’t they at least encrypt the card details properly?”
“Frankly I thought it was getting stupid – compulsory net access and registering your credit card just for some game? Can’t we return to the SNES era?”
“So now I have to change all my passwords because I have been reusing them everywhere…”
“Any lawsuits are going to be punitive – they are done for.”
“The year’s two great leaks – radiation and personal data.”
“Don’t compare them to Tepco – they are just cute compared to them.”
“To think Sony would end like this…”
“The history of leaks:
2004 – Softbank – 4,500,000
2005 – Visa, Mastercard – 40,000,000
2006 – KDDI – 4,000,000 – AOL – 660,000
2009 – ALICO Japan – 130,000
2010 – AT&T 110,000 –
2011 – SONY – 77,000,000 – Messe Sanoh – 1405”
“So who’s planning the class action suit? I want in.”