Sony, Nintendo, Is data ever safe?

Playstation Network – 77 million users
Sony Online Entertainment – 25 million Users
Sony Ericsson website in Canada – 2,000 users
Sony Music Entertainment website in Greece – 8,500 users 
Most people will have heard by this point about the hacking of many Sony website, and the subsequent loss of millions of user’s data – including credit card information. It has also just come to light that Nintendo have recently suffered from server hacking, though at this time they claim that no user information was stored on the compromised infrastructure.
In another recent attack on Sony Pictures, LulzSec, a hacking group have stolen, and then subsequently posted online the names, birth dates, addresses, phone numbers, email addresses and passwords of 1,000,000+ people.

Other than the credit card information stolen in the PSN attack, many people are less worried about basic information such as those from Sony Pictures - but this is wrong - of those million people, a large chunk will use the same password for every account - making there email vulnerable as well as many of their other online accounts.
The worst part of all this is there is unlikely to ever be any real comeback - 'your data has been stolen, we're really sorry' but in most countries the offending companies will go unpunished and users will not get any real recompense.
This simple truth is that data on any externally (i.e. internet) facing computer is potentially unsafe. Yes, in some cases it is more safe than others but when huge companies compile vast amounts of personal information in one place it makes a 'honey pot' for data thieves.
As Stewart Brand is often quoted as saying 'On the one hand information wants to be expensive, because it's so valuable. The right information in the right place just changes your life. On the other hand, information wants to be free, because the cost of getting it out is getting lower and lower all the time. So you have these two fighting against each other.' while this was not originally aimed at personal information the point stands; if you create an information silo which is of value it will, inevitably 'get out' - it is only a matter of time.
Companies want to know about you, they want to store as much information about you as possible because this can be exploited for financial returns. The down side to this is that others also want this information, as it is so valuable - so it could be stolen as in the recent attacks outlined above, or it could leak out in other ways such as the company selling that information to create more wealth.
Ultimately this leaves us faced with a problem, store information as a valuable asset and know that inevitably one day it will be lost or never give that information out in the first place.
Well then, looking at that it is simple - just don’t give out the information!
If only! Now we must slip a little deeper into the insidious world of large corporations and governments. In many places much of the information leaked above is stored by governments - collected via licenses, censuses, tax institutions etc. it can also be stored by private companies you may or may not have had dealings with, either through store cards, online campaigns, social networks - or even provided for a small cost from government bodies (such as the DVLA happily selling its database to any willing to pay!).
This information is just as vulnerable as that lost by Sony et al - look at the 36,989,300 items of personal data lost by the UK government in 2007! (Sorry couldn't find any more up to data information). But in this case you have very little, if any control over the data collected and stored.
So, where does this leave us? One option for the mercenary living among us (in the UK at least) would be http://www.i-allow.com/ - get them to sell your personal information and at least they will give you a 70% kick back!
When Scott McNealy of Sun Microsystems said 'privacy is dead, get over it' he wasn't joking.
This site is dedicated to trying to claw back our right to a private life - but until you realise quite how valuable your personal information is you are unlikely to look after it as best you could.
Yes, there are some places where, legally, you cannot hide your information (such as tax returns), but glibly giving all your personal information to Facebook and Google, or allowing Sony to permanently store your credit card information is like storing your brand new Ferrari in a wooden shed with the key in the ignition.

Leave a Reply