Philip Reitinger, CISO of Sony, has announced that about 93,000 accounts on Sony’s systems have been compromised. They detected a suspicious, massive series of login/password attempts. Most of them were unsuccessful, but about 93,000 succeeded. Most probably, the attackers got access to a login/password database from another web site (such information is available on the Darknet).
Some people use the same login/password on different sites. These people may be the victims of this attack.
We must congratulate Sony for its reaction:
- Transparency: they were clear on what happened and provided the data. The reaction of customers was extremely positive.
- Monitoring: this proves that Sony carefully monitors activity to detect abnormal behaviour or patterns. This is key in security.
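The kind of monitoring described above (a massive series of login/password attempts, most failing, a few succeeding) can be spotted with a simple per-source aggregation over authentication logs. The following is an added example, not Sony's code nor anything the post describes in detail: the log format (`src=... user=... result=OK|FAIL`), the sample lines, the IP addresses and the thresholds are all constructed assumptions. It flags sources that hammer many distinct accounts with a high failure rate, and lists the accounts on which such a source succeeded, since those are the ones that need a forced reset.

```python
import re
from collections import defaultdict
from dataclasses import dataclass, field

# Assumed (hypothetical) log line format: "<timestamp> auth src=<ip> user=<name> result=OK|FAIL"
LOG_RE = re.compile(r"src=(?P<src>\S+) user=(?P<user>\S+) result=(?P<result>OK|FAIL)")


@dataclass
class SourceStats:
    """Per-source-IP counters accumulated over the log."""
    attempts: int = 0
    failures: int = 0
    users: set = field(default_factory=set)      # distinct account names tried
    successes: set = field(default_factory=set)  # accounts where a login succeeded


def parse_line(line):
    """Return (src, user, result) for an auth line, or None for lines without auth fields."""
    m = LOG_RE.search(line)
    if not m:
        return None
    return m.group("src"), m.group("user"), m.group("result")


def aggregate(lines):
    """Fold the log into per-source statistics."""
    stats = defaultdict(SourceStats)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        src, user, result = parsed
        s = stats[src]
        s.attempts += 1
        s.users.add(user)
        if result == "FAIL":
            s.failures += 1
        else:
            s.successes.add(user)
    return stats


def detect_stuffing(lines, min_attempts=20, min_distinct_users=10, min_fail_ratio=0.8):
    """Flag sources that try many distinct accounts and mostly fail.

    One user mistyping a password produces few attempts against one account;
    a replayed credential list produces many attempts against many accounts,
    with a small fraction succeeding where the password was reused.
    Thresholds are illustrative and would be tuned per site.
    """
    flagged = {}
    for src, s in aggregate(lines).items():
        if s.attempts < min_attempts or len(s.users) < min_distinct_users:
            continue
        fail_ratio = s.failures / s.attempts
        if fail_ratio >= min_fail_ratio:
            flagged[src] = {
                "attempts": s.attempts,
                "distinct_users": len(s.users),
                "fail_ratio": round(fail_ratio, 2),
                # accounts that should be locked and reset, not just reported
                "compromised_accounts": sorted(s.successes),
            }
    return flagged


# Constructed sample log: one source replays 50 credentials (3 hit because the
# password was reused), plus ordinary traffic from another address and a noise line.
STUFFING_HITS = {"user03", "user17", "user41"}


def _stuffing_line(i):
    user = f"user{i:02d}"
    result = "OK" if user in STUFFING_HITS else "FAIL"
    return f"2011-10-10T12:00:{i:02d}Z auth src=203.0.113.5 user={user} result={result}"


SAMPLE_LOG = [_stuffing_line(i) for i in range(50)] + [
    "2011-10-10T12:00:05Z auth src=198.51.100.7 user=alice result=OK",
    "2011-10-10T12:00:09Z auth src=198.51.100.7 user=bob result=FAIL",
    "2011-10-10T12:00:15Z auth src=198.51.100.7 user=bob result=OK",
    "2011-10-10T12:00:20Z noise line without auth fields",
]

if __name__ == "__main__":
    for src, report in detect_stuffing(SAMPLE_LOG).items():
        print(src, report)
```

The aggregation here runs over the whole input; in production the same counters would be kept per time window (and per target account, to catch an attacker spreading attempts across many addresses), and the flagged successes would feed a forced password reset rather than just a report.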
Lessons:
- Customers are ready to hear the truth in case of an attack. I would even guess that they would rather be made aware than hear about it once it is far too late.
- Do not use the same password on all sites, at least not for the critical ones.