Only a single vulnerability is needed for hackers to exploit and put an entire database at risk. In order to avoid such vulnerabilities, database developers and application developers must dance to the same tune.
Sony’s data center in San Diego, CA was hacked into on April 19, 2011. The hackers had gained access of customers’ data through Sony’s PlayStation Network servers. This attack on Sony is said to be the largest personal data heist in history with reports estimating that around 77 million Qriocity and PSN users’ accounts and 24.5 million Sony Online Entertainment user accounts were affected. (Better Business Bureau, 2011).
Strange activities had been detected by Sony Corporation on their network system. They noticed unauthorized access of the company’s servers. A day after the attack, Sony decided to power down the affected systems and delayed restoration of the PSN services for users in the U.S until May 14. Users were later on required to change their usernames and passwords as an additional way of curbing further attacks. Since the attackers had exploited Sony’s website via its URL, they were thus forced to disable the page temporarily because attackers exploited the URL of Sony’s website (The Sydney Morning Herald, 2011).
Unfortunately, this was not the last attack. A series of attacks on Sony’s Online Entertainment services and the PSN were later on executed during the same period. These attacks were carried out on. Sony BMG Greece, Sony BMG Japan, So-Net ISP in Japan, and servers of Sony in Thailand (McMillan, 2011).
It was estimated that the personal information of 77 million Qriocity and PSN users, and 24.5 million online entertainment users was stolen. The attackers rummaged through a wealth of information concerning the users and their attributes such as names of users, their addresses, email addresses, and birth dates.