breach

It happened again--hackers at LulzSecurity exposed Sony BMG's vulnerabilities and took hold of at least 1 million "unencrypted users, unencrypted admin accounts, government, and military passwords," according to the organization's Twitter status.

People at risk include those who have signed up for Sony or for Sony-related brands and sweepstakes, such as SonyPictures.com and TheYoungAndTheRestless.com. 

If you're one of these people, your personal data--e-mail address, home address, phone number, and date of birth--might be compromised. Use these tips to survive the breach:

1. Beware of fraudulent e-mails. Now that your e-mail address(es) has been exposed, you're vulnerable to phishing attacks. Look out for e-mails from seemingly legitimate sites (like Sony) asking you for personal information such as passwords or bank account information. Be careful when clicking links or opening attachments in e-mails, even if they appear to come from someone familiar or trusted.

2. Use a different e-mail for "junk." If you're using your primary e-mail when signing up for things like sweepstakes, create a "junk" e-mail address and use that instead. Some of the Sony accounts exposed were those associated with giveaways like "The Summer of Restless Beauty Instant Win."… Read more

The San Francisco Public Utilities Commission is warning its customers that their personal data may have been exposed in a recent breach, an SFPUC spokesman told CNET today.

SFPUC noticed a few weeks ago that an unsecured server that was storing customer data also had some viruses on it, according to spokesman Tyrone Jue. It's unclear how the server got infected with the viruses, he said, adding that "it looked like someone had found an open port on the server and dumped a bunch of viruses on it."

A file on the server contained customer names, account … Read more

City officials in Taipei, Taiwan, want more information about how Sony's PlayStation Network was breached, and a guarantee of better consumer protection in the future, according to a report.

The city's Law and Regulations Commission today sent a letter to Sony requesting more help for customers affected, according to IDG News Service. Sony has 10 days to respond before incurring a fine from the commission of between NT$30,000 (U.S. $1,041) and NT$300,000 (U.S. $10,408).

The same commission sent Sony a letter last month when the company first revealed that personal … Read more

If you tried to sign into PlayStation Network on your PS3 or PSP in the last 30 minutes, you may have had no luck. Do not be alarmed: Sony says that PSN will be down today but that it's not another security issue.

The company posted today on its PlayStation blog that PSN will be undergoing "maintenance" between 8 a.m. PT and 5 p.m. PT. That means many users will have trouble signing into the service on their PlayStation 3 console or PlayStation Portable handheld, but can still sign in to play games online, including … Read more

Sony Music Greece was hacked with its user data published to the Web and Sony Music Indonesia's Web site was defaced, according to an online news report.

The attacks, if confirmed, would be just the latest in a series of security problems the company has had in the past month starting with a distributed denial-of-service attack by the loosely organized hacker group Anonymous in early April to protest Sony's taking PS3 hackers to court.

A Sony spokeswoman provided this statement via e-mail this evening: "There was an online tweet that one page of Sony Music Indonesia's … Read more

Someone broke into the network of Japanese Internet service provider So-net Entertainment, a subsidiary of Sony Corp., compromised e-mail accounts, and stole customer rewards points earlier this week, The Wall Street Journal reported today.

It's unknown if the breach is related to recent attacks on Sony that exposed personal data from more than 100 million accounts at Sony Online Entertainment and the PlayStation Network (PSN). And earlier today, a security firm said it found that the Sony Thailand site had been compromised and was being used in a phishing attack designed to steal information, ZDNet UK reported.

"Although … Read more

When it comes to the attack on Sony's PlayStation Network, the only thing we're sure of is what we don't know: how it was done and who did it.

In the past four weeks since Sony shut down the gaming network, security researchers have been cobbling together theories of how someone broke into the PlayStation Network (PSN) and Sony Online Entertainment site, exposing personal data from more than 100 million accounts.

Security experts believe whoever was responsible exploited one or more security holes--but how they were exploited and who did it remains a bit of a mystery, … Read more

A virus that infected as many as 1,500 computers in Massachusetts unemployment offices may have allowed criminals to steal Social Security numbers and other data of individuals and businesses, a state agency warned today.

The W32.QAKBOT data-stealing virus infected the computers on the network of the Department of Unemployment Assistance and Career Services, as well as computers at One Stop Career Centers, according to a statement from the Massachusetts Labor and Workforce Development agency.

It's unclear how many individuals and employers might be affected. The virus only affects people who had their files manually accessed and employers … Read more

Windows 7 is four to five times less vulnerable to malware infections than is Windows XP.

Those are the findings of Microsoft's latest Security Intelligence Report (PDF), which detailed in depth the state of software vulnerabilities, exploits, security breaches, and malware in 2010.

Overall, the study found that infection rates for newer Microsoft operating systems with the latest service packs are consistently lower than those for older OSes, giving Windows 7 and Windows Server 2008 R2 the highest marks for security.

Looking at the number of reported infections per 1,000 computers, Microsoft found that Windows 7 64-bit had … Read more