Thursday, April 28, 2011

High Stakes Gaming

This month's PlayStation network hack job is being called one of the biggest data breaches in history. The personal information of a full 77 million PlayStation Network users has been exposed, and the Big Question, of course, is: BY WHOM? Who has absconded with this information?

The answer: No one yet knows. In an interesting article on, the authors walk us through an analysis of the possible culprits, from the hacktivist group that oh-so-ironically calls itself "Anonymous" (denied culpability and, in fact, probably not guilty) to China to the random recreational teen hacker to the (probably Ukrainian or Russian) for-profit cyberthief (probably guilty). Their M.O.s and motives are laid out and their potential culpability assessed.

Folks should not fear that this was done for their credit card numbers. No, no, no -- the CVV2 security codes aren't stored with the rest of the info, and the hackers would have known that. Passwords: that's what they're after. People tend to use the same passwords for multiple sites, and so one's password for the seemingly innocuous PlayStation network may well also yield one's password for online banking.

Seventy seven million people is a lot of passwords. If even a fraction of those are also used by their owners for their personal banking, this could actually wind up being the largest bank heist in history. Let this be a cautionary tale to you, 91282ILBOB.

-Jack Simony

No comments:

Post a Comment