//
you're reading...
Security

PSN users offered complimentary identity protection

…but only in the US.
…but maybe elsewhere later.
ID Protection
Sony Are offering accounts with the identity protection scheme AllClearID Plus.
The scheme announced includes a $1,000,000 insurance policy per user. I presume you’d have to prove somehow that the ID fraud was as a result if the PSN exposure but it isn’t an insignificant move. They are likely to be hit by a class action suite in the US and so showing excessive measures in helping and protecting users will help them at a corporate level. The measure will likely be extended in some way to users in other regions.
The US offer is open until 18/Jun/2011.
Letter from CEO
In another blog post, Howard Stringer, UK born CEO of Sony, apologised again for the breach and covered some of the Welcome Back pack items and the ID protection mentioned above.
EU Blog
The PSN EU blog sprung into life again with these announcements, plus the further announcement that the final testing phase of the new security measures a taking place.
PSN nears relaunch
I hope that this includes another external, not previously used, security firm performing a White Box test, with maximum knowledge of the system assumed as well as a Grey or Black Box tests, where the tester has little or no knowledge of how the system works or is protected. This White Box test additionally indicates how susceptible the system is to any corporations worst nightmare; the insider attack.
I hope that internal protection measures will be announced as well as protection from external forces. The is a huge cost involved in protecting from insider attack but in this case Sony may massively recoup the costs in reputation alone.
Anonymous Announcement
The Hacker Forum and Hacktivists known as Anonymous Hve made an announcement denying that they are involved in any data theft of credit card or financial information of standard users of the Internet.
A good number of bloggers and commentators are pointing out that the nature of the Anonymous setup may mean that whilst the forum was actively attacking Sony in a DDOS (they disapprove of the legal action Sony has taken relating to PS3 hacks and so launched what they termed OpSony) another member may have gone freelance and used the DDOS as cover. Anonymous lives up to it’s name and so they only have trust to go on.

References:
Sony ID protection offer
Letter from CEO, Sony
AllClearID
Anonymous Statement (OpSony) [CAUTION]

– Posted using BlogPress

About harlekwinblog

"Thoughts of an idle mind." Information Security professional.

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

Categories

RSS This Blog…

  • An error has occurred; the feed is probably down. Try again later.

Share me…

Bookmark and Share

Twitter Updates

May 2011
S M T W T F S
« Apr   Jun »
1234567
891011121314
15161718192021
22232425262728
293031  
%d bloggers like this: