Having only just announced the multi-million dollar cost of recovering from the major compromise of its PlayStation online game network, Sony has run into trouble with the web hosting and online security of its sites again.
Providing yet more evidence, if it were needed, of the importance of choosing web hosting and security support wisely, a variety of Sony sites worldwide have been hit by hackers again this week, leading to Sony having to temporarily take the sites offline. Apparently, it would appear that most of the incursions were caused by SQL injections.
As with the previous hacking incidents, hackers are thought to have accessed users’ personal information. For example, the Canadian based Sony Ericsson eShop, which retails phones online, was compromised, and around 2,000 customer names and emails stolen, although it would appear that no credit card details were taken. Phone numbers, email addresses, and passwords from around 8,000 users of Sony Music Greece are also thought to have been lost.
The company is also thought to be investigating problems with sites in Thailand and Indonesia as well.
Around 1,000 of the customer details taken from the Canadian site were posted online this week by a “grey hat hacker”; someone who allegedly does not hack for personal gain or with malicious intent, but more to illustrate the vulnerabilities of systems.
Sony has issued separate statements dealing with each incursion, saying that it is working to fix the security breaches and restore sites, and that it is unknown whether these recent problems are related to the major hacking attack that resulted in the removal of the PlayStation network. It seems a review of their entire web hosting solution is necessary.