Personal information on a total of 100 million people has possibly been hacked and leaked from online game and other Internet services provided by the Sony Group worldwide, sparking fears that it could develop into the worst information leakage case ever.
Sony has been under fire for being slow to announce the incident. It is essential for the electronics and entertainment giant to clarify the whole picture of the damage as quickly as possible and gather itself together to follow up the case in order to recover consumers' confidence.
According to the revelation, personal information including the names, IDs and passwords of about 77 million people in some 60 countries -- mainly in North America -- was hacked and leaked from Sony's Internet services that provide game software for PlayStation 3 and other game consoles and distribute movies and music for TV viewers.
Furthermore, private information on some 24.6 million people may have also been illegally accessed through the website of Sony's U.S. subsidiary, which runs online game services. It is feared that information on a total of 12.3 million credit cards has also been leaked.
The game of cat and mouse played between hackers and Internet companies is not something new, and companies need to keep in mind that their security walls could be breached by hackers at anytime. It is imperative for Internet companies, which amass a massive amount of personal data, to be prepared against hacking. Sony, however, had not even encoded personal information sufficiently, and its information control system should be reviewed as swiftly as possible.
Sony's response to the information leakage crisis is also questionable. It took the company a whole week to announce the leakage since illegal access was uncovered. The company needs to expend all possible means to ensure no secondary damage such as the abuse of leaked personal information takes place. What's more, Sony reportedly declined to attend a hearing as requested by U.S. Congress on the grounds that the case is still under investigation.
It reminds us of the Toyota recall scandal last year, where Toyota Motor Corp. drew fire for its delayed report on glitches to U.S. authorities. The incident also comes just as Japan's response to the quake- and tsunami-crippled Fukushima No. 1 Nuclear Power Plant is being scrutinized by the global community in an increasingly severe manner. Sony is urged to deal with the information leaks in an appropriate manner so that the case would not further undermine confidence in Japan.
In the meantime, the latest case once again calls our attention to the inherent danger of the Internet. Commercial use of the Internet has become a worldwide norm, to the point where it cannot be handled within the framework of the current Internet system. For example, IP addresses -- allocated to each personal computer and mobile phone hooked up to the Internet -- are running out, making additional IP addresses unavailable.
Shifting Internet access into a next-generation framework is being considered. It envisages a drastic increase in the number of IP addresses and dramatically enhanced security. We need to step up our efforts to bring about the transfer as soon as possible, on top of security efforts by each company, in order to protect Internet users.
Sony has been under fire for being slow to announce the incident. It is essential for the electronics and entertainment giant to clarify the whole picture of the damage as quickly as possible and gather itself together to follow up the case in order to recover consumers' confidence.
According to the revelation, personal information including the names, IDs and passwords of about 77 million people in some 60 countries -- mainly in North America -- was hacked and leaked from Sony's Internet services that provide game software for PlayStation 3 and other game consoles and distribute movies and music for TV viewers.
Furthermore, private information on some 24.6 million people may have also been illegally accessed through the website of Sony's U.S. subsidiary, which runs online game services. It is feared that information on a total of 12.3 million credit cards has also been leaked.
The game of cat and mouse played between hackers and Internet companies is not something new, and companies need to keep in mind that their security walls could be breached by hackers at anytime. It is imperative for Internet companies, which amass a massive amount of personal data, to be prepared against hacking. Sony, however, had not even encoded personal information sufficiently, and its information control system should be reviewed as swiftly as possible.
Sony's response to the information leakage crisis is also questionable. It took the company a whole week to announce the leakage since illegal access was uncovered. The company needs to expend all possible means to ensure no secondary damage such as the abuse of leaked personal information takes place. What's more, Sony reportedly declined to attend a hearing as requested by U.S. Congress on the grounds that the case is still under investigation.
It reminds us of the Toyota recall scandal last year, where Toyota Motor Corp. drew fire for its delayed report on glitches to U.S. authorities. The incident also comes just as Japan's response to the quake- and tsunami-crippled Fukushima No. 1 Nuclear Power Plant is being scrutinized by the global community in an increasingly severe manner. Sony is urged to deal with the information leaks in an appropriate manner so that the case would not further undermine confidence in Japan.
In the meantime, the latest case once again calls our attention to the inherent danger of the Internet. Commercial use of the Internet has become a worldwide norm, to the point where it cannot be handled within the framework of the current Internet system. For example, IP addresses -- allocated to each personal computer and mobile phone hooked up to the Internet -- are running out, making additional IP addresses unavailable.
Shifting Internet access into a next-generation framework is being considered. It envisages a drastic increase in the number of IP addresses and dramatically enhanced security. We need to step up our efforts to bring about the transfer as soon as possible, on top of security efforts by each company, in order to protect Internet users.