by Jongwoo Y
Due to recent public outcries, hackers have been using SQL injection in order to hack into company databases. Sony, a leading electronics company based in Japan has been targeted many times due to an unpopular approach that the company had been taking in their use of the judicial system against some of their own customers. By the use of SQL injection, these hackers from groups such as LulzSec and Anonymous have been able to steal the information of over 77 million users of the PlayStation Network , a popular gaming community created by Sony for online gaming on their video game consoles (Finkle & Baker, 2011). This caused Sony to take tremendous losses in both their customer base and revenues from their PlayStation Network due to the fact that Sony was forced to close their online service for over a month. Information that was stolen from Sony’s PSN Database include customer names, credit card information, addresses, and birth dates (Finkle & Baker, 2011). However, the attacks are not over yet as Sony has experienced multiple attacks on their other services as well, including their music store websites based in Japan and in Europe as well (Rashid, 2011).
The effect that these hackers have had on Sony’s customer base is tremendous. Personally owning a PlayStation 3, it has caused me to go through the trouble of being forced to call my bank and change my credit cards due to the fact that my personal information had been put in danger due to Sony’s lack of security from these SQL injection attacks. Another huge effect that it had was that it made me almost completely forget that I had owned a PS3 after being barred from playing online with my friends since PSN was forced to shut down for over a month. To this day, I have not actually turned my PS3 on since the attacks due to the sour taste that this whole debacle has left in my mouth. Though PSN does have it’s advantages to Xbox Live (mainly that it’s free compared to Xbox Live’s 7 dollar a month charge), I prefer to use Xbox Live’s service due to the fact that I have not yet heard of any hackers being able to access any of Microsoft’s customer information databases. As technology has evolved and consumers around the world begin to use more and more online services, Database security has become one of the most important things for companies to consider as they dive further into the digital age. With hacker communities such as LulzSec and Anonymous around, companies should put forth a great amount of emphasis towards securing their customer’s personal data in order to avoid these types of embarrassing and costly situations. However, it is wrong to think that only Sony has run into these types of debacles as companies such as Steam, Fox, and many other tech companies have fallen victim to similar attacks. Another area to put a lot of emphasis on is the nature of groups such as LulzSec and Anonymous. These groups are made up of everyday people that are very good with computers. They are hard to trace and possess a characteristic that is very scary to law enforcement as they are basically open communities where anyone can join. There is no true hierarchy that these groups possess, which make finding these culprits a difficult task. Finkle, J., & Baker, L. (2011, June 02).
Reuters. Retrieved from http://www.reuters.com/article/2011/06/02/us-sony-idUSTRE74Q1EC20110602 Rashid, F. (2011, May 24). eweek. Retrieved from http://securitywatch.eweek.com/data_breach/sony_woes_continue_with_sql_injection_attacks.html