Sony is still trying to figure out how to best to handle the recent attacks on its PlayStation Network that compromised credit card and other personal information for millions of user accounts. Unfortunately for Sony, sweeping the situation under the rug is no longer an option, not with the continued downtime and literally millions of eyes now on Sony. Company head Howard Stringer already offered up a $1 million apology in the form of an insurance policy, and now we hear Sony is considering a reward for information leading to the arrest and prosecution of those responsible for causing this whole mess.
This just keeps getting uglier. In a letter to Congress, Sony blamed the notorious vigilante group Anonymous for recent cyberattacks on Sony's network, exposing personal data of more than 100 million gamers. Anonymous was quick to deny involvement, simply stating, "Let's be clear, we are legion, but it wasn't us. You are incompetent Sony." Whether or not that's true, Sony hopes to find out in an ongoing investigation, but in the meantime, at least one more attack appears imminent.
Data firms are proving gold mines for hackers looking to sneak in and steal hordes of customer data in one fell swoop. That's what happened to Epsilon, a firm that stores personal data for thousands of companies, including JPMorgan Chase, Kroger, TiVo, Best Buy, Walgreen, and Capital One. The security breach exposed email addresses and other private data for some 50 firms, including each of the above named outfits.
You know how things that are too good to be true usually are? Well, if you purchased a bunch of Microsoft Points on the cheap from eBay, Craigslist, or somewhere else in the secondhand market, there's a good chance they were falsely generated. Hackers figured out an algorithm to add to existing, used codes to get new MS points in 160-point increments. Hitting refresh would keeping adding to the total.
Anonymous strikes again. This time the target of this loose coalition of online hackers is the site of Broadcast Music Inc. (BMI). A DDoS attack hit the site late last night, forcing BMI to take the site offline. As of this posting, it is still not available. This attack is part of what Anonymous calls the "war on copyright".
As the saying goes, 'Keep your friends close, and sue your customers.' Wait, that isn't exactly right, but it's the motto Sony's sticking with as it takes legal action against a band of hackers who uncovered and published security codes for the PlayStation 3 console, BBC News reports.
Sony named 21-year-old George Hotz and more than 100 others associated with a hacking group known as "fail0verflow" in its lawsuit.
"I am a firm believer in digital rights," Hotz said. "I would expect a company that prides itself on intellectual property to be well versed in the provisions of the law, so I am disappointed in Sony's current action. I have spoken with legal counsel and I feel comfortable that Sony's action against me doesn't have any basis."
If George Hotz sounds at all familiar to you, it's because he's the same person who cracked the iPhone's security measures. In this case, Sony is upset that Hotz figured out Sony's secret codes, including a number used to digitally sign all PS3 games and software as genuine. With that key, any software can be signed as legit, including pirated games.
Vodafone believes its customer database was compromised from an employee or dealer sharing the access password, giving the recipient access to the personal details of millions of customers, ABC News in Australia reports.
"It appears to have been a one-off incident, but we are investigating that thoroughly now and we will have a much better picture of that in the next 24 to 48 hours," said Nigel Dews, Vodafone's chief executive. "We did take this data security issue very seriously. It's very important that we uphold the highest standards of data integrity for our customers."
Dews went on say that passwords are being reset every 24 hours to make sure his company's customer records are kept safe until the investigation concludes.
We don't know if the Hamburgler was involved, but a group of hackers may have driven off with personal information from an undetermined number of McDonald's customers, the fast food chain alerted potential victims via email.
"Our records indicate you previously elected to submit information to McDonald's in connection with one of our websites or promotions," McDonald's wrote. "We wanted to let you know there is a possibility that the limited information you provided to McDonald's through its websites or promotions was improperly accessed by an unauthorized third party."
McDonald's said it is working with law enforcement officials to investigate the incident, and that stolen information would not include sensitive financial information, such as Social Security Numbers or credit card numbers, as the fast food chain does not collect such info online or through email.
Sometimes, gamers. Sometimes, we just don't know. After all, we're looking at some mental gymnastics worthy of an Olympic medal. Here, put these unflatteringly short shorts on your brain; let's try running the course: Someone makes an awesome, extremely innovative game that you love. And we mean someone. Precisely one guy did almost all the work here. So he lets you into his magical land of Grown Up Legos for a reasonable fee and then scrambles to keep his game from getting squashed flatter and less functional than a Macbook Air under your collective weight.
At this point, you have a few options. 1) You could politely thank Mr. Notch for his hard work and enjoy the already massive toolset he's provided for you. 2) You could go on Minecraft's forums and suggest what – in your opinion – would make the game even better. 3) You could slow the game's servers to a one-armed crawl with a massive DDOS attack and basically hold the entire game at gunpoint while throwing a temper tantrum because you want your new toys right now.
Did you pick number three? Well then, congratulations: we hate you.
“Minecraft is currently experiencing a stimulation provided by us,” read a post on uber-popular message board 4chan. “Its purpose is to send Notch a clear message of how the future of Minecraft will turn out unless he gets to work, namely by influencing the amount of sales taking place, due to the attacks. Start providing your customers with the updates that you promise them.”
Minecraft in its current form has been around since the tail end of June. Oh, and let's not forget that Notch and his small staff are currently hard-at-work on a massive update set to launch on Halloween.
Knowing these “protesters,” though, you probably ought to expect the server slowdowns to resume the day afterward at 12:01 AM on the dot.
The next time someone tells you antivirus software is a waste of time, money, and resources, keep this in mind. According to PandLabs, every day hackers put up another 57,000 fraudulent website designed to trick users into handing over thier personal information, such as bank login credentials and other tidbits you don't want falling into the wrong hands.
One way around this is to surf with common sense, but with or without antivirus software, you can ill afford to let your guard down.
"The problem is that when you visit a website through search engines, it can be difficult for users to know whether it is genuine or not," Panda says. "For this reason, and given the proliferation of this technique, it is advisable to go to banking sites or online stores by typing in the address in the browser rather than using search engines which, although they are making an effort to mitigate the situation by changing indexing algorithms, cannot fully evade the great avalanche of new Web addresses being created by hackers every day."
According to Panda, the 10 most targeted brands among all fake websites include:
eBay - 23.21 percent
Western Union - 21.15 percent
Visa - 9.51 percent
United Services Automobile Association - 6.85 percent
HSBC - 5.98 percent
Amazon - 2.42 percent
Bank of America - 2.29 percent
PayPal - 1.77 percent
Internal Revenue Service - 1.69 percent
Bendigo Bank - 1.38 percent
All told, bank and transaction companies account for around 65 percent of the fake sites.