A good example of why you should always use a different password for your email accounts and you do for things you sign up for.
I wonder how many people with get their emails hacked as they use the same password as they do for Sony.

I suspect that a good percentage do. Well they might have done until now. A couple of years ago, I opted for a password manager and I now have 217 log ins all different and all tough to crack. My wireless is 50 digits long and most are 20 or 30 digits long. The real problem is that many sites cap the limit of characters that can be used as far too low. The lowest is 4 and numbers only. Many still cap the number at 12 characters.

I have one bank account that must be between 6-8 characters and the username is only 8 numbers.

And I still do feel sorry for Sony. Such an evil company so it is nice that karma came back with a mighty heavy duty boots on its feet to kick its arse

Edit: I meant to say I DON'T feel sorry for them

Well they have been hacked 11 times so you kind of stop feeling sorry for them after a while.

As I posted on another forum, the headline kind of betrays an ignorance of the situation. There is in fact no 'Sony', in anything but a fairly nebulous sense. 'Sony' is a brand which various companies, all of which are pretty much autonomous, share because it makes life easier. Below boardroom level, there pretty much is nothing that you could call ' Sony'. You have Sony Pictures, Sony Ericsson, Sony Electronics, Sony Computer Entertainment... these companies barely ever talk to each other, let alone share IT or management. Sony have only even had anybody on the board with responsibility for IT since the PSN hack and he's not had a chance to do very much to turn the pack of squabbling children that is 'Sony' into anything like order.

So in reality the people who run PSN have next to nothing to do with the people who run Sony PIctures web sites. They probably don't even know who each other are. So the idea that "Sony' keeps getting hacked is in fact nonsense. It's like.... if you get burgled, and then your second cousin gets burgled, those aren't the same crime, are they? There's probably no link at all between the two events - this is what Sony is like. The hack of Sony Pictures bears no more connection to the hack of SCE (i.e. PSN) than it does to the hack at Lockheed Martin.

This isn't the case of the same company being caught out multiple times, these are cases of lots of companies that pretty much only share a name for marketing purposes being caught out. And in any case, it's not any particular company that deserve your sympathy, it's the people whose details are being put up on the internet because someone thinks it's a laugh. The excuse the hackers used in this case was, according to their statement, 'They were asking for it'. I've heard that phrase a few times and the people using it were generally guilty of having done something pretty abhorrent and anti-social. I suspect you can figure out the kind of things. If that's the best excuse they can come up with, the hackers are no better than those other groups...

Jon

I do use a variety of passwords. Though my strongest by far is the one I use for my wifi network.

Yes but subsidaries are branches of the same company. Berkshire Hathaway has dozens of subsidiaries which completely independent of each other and have practically no contact with each other they do not even carry the Berkshire Hathaway name. Sony is very similar yet they will all report to the Sony HQ even if many subsidiaries have no contact with each other. Though I suspect that there would be significant contact between some divisions.

It is like Virgin. That operates practically as a brand with all its divisions operating differently. In this case though they have been targeting anything with a Sony name. In fact the Sony companys attacked were simply national HQ's in a few of the occassions. I have no issue either way with Sony. You would have thought that since so many divisions have been targetted that they would make better efforts to secure all their divisions. Or disconnected them temporarily.

You see the thing is.. some of them don't get on. At all. SCE and Sony Ericsson famously don't (which is why we still don't and probably never will have a 'playstation phone' as such) don't, and at a lower level SCE America and SCE EU hate each other. Even to the point where they used to attempt to sabotage each other's games when released in their area (SCEE famously did no promotion at all for the first God of War game in the EU, and the WipeOut games have never been promoted very much in the US). I don't think they'd help each other. I think it's very likely that the management in the unaffected sections thought it was hilarious until it happened to them too.

The other side is Sony patently have been underspending on IT. They've had a couple of rather rough years financially, and I suspect they've been trying to do things if not on a show string then at least on a lower level than MS do. Security in IT costs money - it requires higher spec hardware and expensive consultancy and I very much doubt the management at Sony felt like spending that money until they were bitten on the arse. More fools them of course, but I rather suspect that's the situation.

Jon

It would not surprise me that they actively encourage internal competition to spur them on, without realising the other side effects. I thought that there was a playstation phone shown on the camping challenge on Five's Gadget show last week. Not my thing so in one ear out the other.


I was discussing this with friends. They were the ones who told me about the 11 Sony hacks. I did comment that staff are treated as a expense not as a necessity when it comes to IT. They might spend a fortune on hardware but nothing on the team to operate it. So yes we agree that the blame lies much higher up. Skimping on the IT will cost them millions to resolve.

Ah, well there's a case in point. That phone (if its the one I think it was) was patently supposed to be the Playstation Phone. It has the same control layout as a playstation controller and even does (or will, I think, at some point) play Playstation games. Yet it's not called 'the Playstation Phone', it's called the Xperia Play. Why? The rumour is that SCE vetoed the name, as they didn't want anyone to get to use the Playstation brand on something that wasn't SCE's idea. We're not just talking about internal competition here, we're talking about years of what can only be described as petty vindictiveness between the various 'houses' within Sony.

Jon

Well maybe the hackers are in other Sony divisions. All these hackers are claiming responisibility for events that are really the actions of one Sony division against another.

Though it does highlight the ridiculous management in Sony. Maybe if and when I get a PS3 I will not sign up to for online access.