Sony’s online biz continues to take blows with hackers breaching its sites in Canada, Thailand and Indonesia, company reported Wednesday.
The Canadian attack affected 2,000 users of a site managed by Sony Ericsson Mobile Communications. Sony said the unidentified hackers swiped user names, passwords and emails, but not credit card info.
The site in Thailand has been hacked to facilitate email phishing, while invaders of the Indonesian site made off with code for Sony’s local music service.
All three sites have been taken down while Sony investigates the causes.
News of the hacks follows Tuesday’s report that Sony sites in Japan and Greece had been accessed. About 8,500 users of the Greek site had their personal info hijacked.
Hacks in April of Sony’s PlayStation Network and Qriocity services affected nearly 100 million users, costing the company an estimated $171 million.
Other breaches have since occurred, making the company look as though it has lost control of its online biz to invaders, though not all the hacks are connected.
While the seemingly never-ending series of security breaches are certainly a public relations disaster for Sony, their long term effect on the company could be muted. A study by CBS-owned videogame site GameSpot of nearly 2,300 site visitors found most gamers — the demographic most widely affected by the incursions — willing to forgive and forget.
Only 14% of those surveyed said they no longer trust Sony with their personal data. Meanwhile, 23% said their trust is now higher, because the breach will force the company to impose tighter controls.
Experts say the recent hacker attacks are akin to aftershocks following a massive earthquake. Given how prominently Sony was breached, other members of the hacking community are eager to test for other weak spots. Unfortunately, they’re finding them.
“When vulnerability is identified, there’s a lot of copycat hackers looking to come after you,” says Hemu Nigam, founder of SSP Blue, an Internet security consultant business and former VP of Internet enforcement at the MPAA. “It’s almost like it’s a battle between Sony’s security companies and hackers who are saying ‘not good enough, not good enough, not good enough.’ “