About a month after Sony's PlayStation Network was hacked, exposing the account information of 100 million users, Sony faces a series of smaller hacks across the company's systems.
So-net Entertainment Corp, a subsidiary of Sony, discovered that a hacker stole about $1,225 worth of customers' redeemable gift points, according to the Wall Street Journal. That same day, security firm F-Secure found that Sony's Thailand server was running a live phishing scam.
So-net does not believe the breach on its systems was connected to the PSN hack. The company reported that an intruder tried 10,000 times to access the So-net point service, which gives customers gift points that can be exchanged for products. So-net said that the intruder likely had usernames for accounts and proceeded to use software that generated passwords in the attempts of finding the right one. Points were redeemed from 128 customer accounts, and another 73 accounts and 90 email accounts were accessed.
In the case of Sony Thailand, The Next Web confirmed that the phishing site hosted on the hdworld.sony.co.th URL was the result of a hack, likely through some security weakness in the server's infrastructure.
Earlier this week, Sony was forced to take down sign-ins across the PlayStation Network due to a vulnerability in the password reset page that allowed hackers to get into user accounts using only an email address and a date of birth.
While none of these breaches near the magnitude of the original PlayStation Network breach, it seems perhaps that such vulnerabilities are only now being discovered because of the scrutiny the company and its systems have come under following the PSN hack. Experts believe that Sony is only one of many companies that must improve its security to prevent further attacks, and that without such measures, similar hacks will happen again.
"It's a realization that we all had, that no system is 100 percent safe," Kazuo Hirai, the Sony exec managing the breach said at a briefing earlier this week. "This requires constant monitoring and constant vigilance."
Tidak ada komentar:
Posting Komentar