Sony encrypted credit card numbers but not the other personal information for 77 million of its <a href="http://www.networkworld.com/news/2011/042711-sony-playstation-network-faq.html?hpg1=bn&ap1=rcb">PlayStation customers whose data was stolen</a>, according to Sony's daily update about the PlayStation Network hack.
The Sony PlayStation Network data breach that exposed personal and password information -- and possibly credit cards -- of an estimated 77 million people is already considered one of tech history's worst security failures.
It's still unclear why it took Sony so long to admit it lost customers' personally identifiable information in the wake of the PlayStation Network attack, but the real reason may have more to do with legal considerations than how long it took the company to discover the losses, experts say.
The massive Sony PlayStation Network data breach that exposed personal and password information -- and possibly credit cards -- of an estimated 77 million people is an identity-theft bonanza.
Criminals carried out more but smaller data thefts last year than in previous years, indicating a shift toward simpler exploits that run lower risk of punishment, according to Verizon's latest data breach report.
Verizon's just-released "2011 Data Breach Investigations Report" says businesses could prevent most data breaches if they stick to security principles that are cheap and easy to implement.
People who make a lot of online transactions, are popular online and who respond to most of the emails they receive are at the highest risk for being duped by malicious phishers, according to a multi-university study.
Verizon customers this week received email informing them that their personal contact information had been compromised as part of the expansive attack against Epsilon.
<a href="http://www.networkworld.com/news/2011/032411-anonymous-congress.html">Anonymous</a> is at it again, this time attacking Sony and its playstation.com site for gamers, promising to publish personal details about Sony executives online and to unleash a triple wave of botnets against company sites.
RSA has started providing more detail into the mid-March attack on its SecurID token-based authentication system, but to get a fuller story you have to be an RSA customer willing to sign a nondisclosure agreement (NDA).
"We regret to inform you ..." are five words you never want to see in an email. But over the weekend thousands of people did as Epsilon began warning its customers that it had suffered a break-in and <a href="http://www.networkworld.com/news/2011/030311-security-roundup.html">email addresses were stolen</a>. Epsilon now says that about <a href="http://www.networkworld.com/news/2011/040511-about-50-clients-hit-by.html?hpg1=bn">50 of its client businesses were hit</a> -- no small number as Epsilon blasts some 40 billion messages in their names each year.
Identity theft has saddled thousands of children with debt, sometimes for years before they ever discover their personal information has been stolen, a study says.
Five members of the online bank-theft gang caught by an international investigation called <a href="http://www.networkworld.com/news/2009/100709-operation-phish-phry-nets-100.html">Operation Phish Phry</a> face more than 30 years in prison in some case after being found guilty in federal court in Los Angeles.
One in 7 information technology companies have not reported <a href="http://www.networkworld.com/news/2011/030811-ponemon-data-breach.html">data breaches</a> or losses to outside government agencies, authorities or stockholders.
The online travel community <a href="http://www.networkworld.com/news/2010/102710-google-overhauls-local.html">TripAdvisor</a> today informed its members that an unspecified portion of the TripAdvisor email list of its membership was stolen by an attack on a vulnerability in its system.