Maybe, just maybe, Sony should change its brand message from make.believe to hacked.again. After having its company name associated with the second-largest data breach in history, Sony embarrassed itself in the process of restoring PSN by leaving the password reset system vulnerable.
As if that’s not doing enough damage to the brand, two separate reports surfaced last week pointing to a phishing site hosted on a Sony Thailand server and a breach on So-net, a Sony-owned Japanese ISP.
The first incident was reported by F-Secure. The Finnish security software company discovered a phishing site targeting an Italian credit card company, hosted on Sony’s Thailand domain, hdworld.sony.co.th.
“Basically this means that Sony has been hacked, again. Although in this case the server is probably not very important,” F-Secure said in the blog post. Since the phishing site is targeting an Italian credit card company, Sony customers are largely unaffected.
The same can’t be said of the second case, though.
Using the same IP address, an intruder made 10,000 attempts to breach So-net’s customer reward site — and successfully got away with $1,225 worth of customers’ redeemable gift points. The points were redeemed using 128 customer accounts without authorization, while another 73 accounts were accessed but had their points left untouched.
The Japanese ISP did not rule out the possibility that the breach is related to the more massive PSN hack, but Keisuke Watabe, a So-net spokesman, said the likelihood is low, noting a very different intrusion method was used.
And unlike PSN’s hack, there is no evidence that any personal data such as names, addresses, birth dates or phone numbers were viewed, according to The Wall Street Journal.
It’s not uncommon for websites to deploy security features like locking out a user for a period of time or presenting a CAPTCHA after multiple failed login attempts. One has to wonder why it takes 10,000 login attempts before So-net starts taking remedial action.
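The kind of lockout described above, sketched as an added example (not code from the article or from So-net): failed logins are counted per source IP as well as per account, so a single address cycling through many accounts is stopped early. The thresholds, the window and lockout lengths, the `LoginThrottle` and `simulate` names and the simulated traffic are all assumptions.

```python
from collections import defaultdict, deque

class LoginThrottle:
    """Sliding-window failed-login limiter keyed by source IP and by account."""

    def __init__(self, ip_limit=20, account_limit=5, window=300, lockout=900):
        # Thresholds (failures per window, seconds) are illustrative assumptions.
        self.limits = {"ip": ip_limit, "acct": account_limit}
        self.window, self.lockout = window, lockout
        self._fails = defaultdict(deque)  # key -> timestamps of recent failures
        self._blocked_until = {}          # key -> time at which the block expires

    def allowed(self, ip, account, now):
        """True if neither the source IP nor the account is currently blocked."""
        return all(self._blocked_until.get(k, 0) <= now
                   for k in (("ip", ip), ("acct", account)))

    def record_failure(self, ip, account, now):
        """Record one failed login; return the keys this failure caused to be blocked."""
        blocked = []
        for key in (("ip", ip), ("acct", account)):
            q = self._fails[key]
            q.append(now)
            while q[0] <= now - self.window:   # drop failures outside the window
                q.popleft()
            if len(q) >= self.limits[key[0]]:
                self._blocked_until[key] = now + self.lockout
                q.clear()
                blocked.append(key)
        return blocked

def simulate(attempts=10_000, accounts=201, ip="203.0.113.7"):
    """Constructed traffic: one IP, one wrong password per second, rotating accounts."""
    throttle, reached, first_block = LoginThrottle(), 0, None
    for now in range(attempts):
        account = f"user{now % accounts}"
        if not throttle.allowed(ip, account, now):
            continue                          # rejected before any password check
        reached += 1
        if throttle.record_failure(ip, account, now) and first_block is None:
            first_block = now
    return reached, first_block

if __name__ == "__main__":
    print(simulate())
```

In this constructed run the per-account counter never trips, because each account sees at most a couple of failures per window; only the per-IP counter limits how many guesses reach the password check.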