• United States



Closing the book on the 2011 Sony Playstation data breach?

Jun 19, 20142 mins
Data BreachPlayStationSony

Following the data breach at TJ Maxx in 2007, I still remember the Sony data breach of 2011 as a landmark occurrence in the world of security and cyber threats. At the time of the initial incident, in which hackers stole as many as 77 million accounts, it was speculated that the intrusion originated with a system administrator falling prey to an email-borne attack and ultimately having his system compromised. From there, attackers sought out and stole personal information from account holders. Sound at all familiar? Further, back in 2011, there was no real sense of how much the breach would cost Sony. However, over time some of those costs have materialized: · Almost $400k levied by the UK (and ultimately agreed by Sony) · $2.5m paid as part of a class action settlement to cover plaintiff legal fees just announced · A range of credits to Sony Play Station members (we will see if a dollar amount gets reported in the public filings) To name a few. And obviously these pale in comparison to the costs mentioned already in relation to the breach at Target Corporation. With significant security incidents seemingly accelerating in the years since that Sony breach, we continue to urge organizations to take a coordinated rather than knee-jerk approach in addressing sophisticated cyberthreats. Our recommended decision framework can be found here and we welcome your input.


David Finger has spent more than 12 years in the enterprise security space, currently at Fortinet and previously with Trend Micro, ProofPoint and Sana Security among others. His direct customer engagement spans security challenges and solutions from endpoint and server through gateway and cloud, for both threat and data protection, all around the world.

More from this author