The 8 largest information security breaches: Sony, 2011

Not to be neglected when talking about information security breaches which have entered public consciousness, and caused millions of people to lose sleep over data security, is the infamous Sony security breach of 2011.

What happened?

In April 2011, an unknown group of hackers launched an attack on the popular PlayStation Network, which is used by millions of PlayStation owners to log on to the internet, play games with their friends, and purchase Sony entertainment products.

How many records were accessed?

Sony initially released a statement claiming that 78 million users of the PlayStation Network had their personal data compromised, but that figure soon rose to 102.6 million when it was found that Sony Online Entertainment and streaming service Qriocity had also been breached.

On top of that, it was found that the credit card details of more than 24,000 European Qriocity users had been stolen by the hackers.

How it happened?

It is believed that the breach occurred because Sony simply did not have enough data security measures in place. For example, they did not encrypt the personal details of their customers, apart from their credit cards details. This allowed hackers to infect the system with malware that was able to both steal and erase data from the system, thus compromising millions of Sony users across the globe.

What’s happened since?

Following the information security brief, Sony were roundly criticized not only for not doing enough to prevent the attacks, but also for not informing the affected parties until over a week after they were hacked.

The company were fined $396,100 by the IOC, and along with paying for 65 class-action lawsuits that were brought against them and the clean-up costs associated with the breach, the company were down $171 million because of the attack.