Gamers have attacked Sony for waiting a week before revealing a security breach in the PlayStation Network, with industry experts calling for tougher privacy laws.
Sony Corporation today announced the credit card data of PlayStation users may have been stolen after hackers broke into its network, forcing its shutdown, on April 19.
Seventy-seven-million user accounts have been disconnected worldwide and experts have described the scale of the breach as staggering. More than 700,000 Australian consumers have been affected.
Colin Jacobs, chair of Electronic Frontiers Australia (EFA), said the incident highlighted the need for legislation making it mandatory for companies to publicly announce a security breach as soon as happens.
“At the moment, companies can wait two days, five days, or more than a week, to let people know,” he said.
“We need to have an Australian law in place so that if a company knows that private information has been breached, they have to let the public know straight away.”
PlayStation users in Australia are being urged to change their passwords, usernames and pins, and monitor their credit usage.
“In this particular instance, the risk appears to be one of possible phishing targeting later on and that is unsolicited contact by email or telephone,” said NSW Police Force Fraud Squad Commander Detective Superintendent Col Dyson.
“Certainly, people should be changing … regularly not just their passwords but their usernames as well.”
PlayStation user Brendan Hill, 31, said the breach means he won’t buy any products online from Sony again.
“We just won’t ever purchase anything from them again,” he said, adding he was frustrated by the lack of communication from Sony.
“It (the PlayStation) basically kept saying there was a connection error our end… I know a bunch of people who spent three hours on their network trying to fix it.
“They should have put a statement up straight away saying that the network was down.”
Gamer Joel Connelly, from Sydney, said he was disappointed by Sony’s approach.
“They have almost let people believe that it was a harmless problem, when in actual fact they just weren’t telling us that someone might have our information,” the 29-year-old said.
“I was going to spend my Easter playing Call of Duty: Black Ops with my friends … but instead we actually hung out and got a drink.
“In a way, the hackers have liberated me from the tyranny of the PlayStation Network.”
Sony, in a statement released on the PlayStation blog, defended the time it took to respond to the security breach.
“It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach,” said Patrick Seybold, Sony’s Senior Director of Corporate Communications and Social Media.
Sony warned customers to be “especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information”.