It's starting to sound like a broken record: Sony has been hacked, again.
On Friday, I saw articles saying that Sony had suffered a new hack that exposed more security issues than the original hack last month. F-Secure found a live phishing site running on a Sony server. A Reuters article reported on this particular attack:
A hacked page on a Sony website in Thailand directed users to a fake site posing as an Italian credit card company. The site was designed to steal information from customers, Internet security firm F-Secure disclosed on Friday.
Apparently, it doesn't end there. Today, I saw an article that the Sony BMG website in Greece has also been hacked. According to a Sophos blog:
An anonymous poster has uploaded a user database to pastebin.com, including the usernames, real names and email addresses of users registered on SonyMusic.gr.
An article at Venture Beat said that the Greece hack is more severe than the Thailand attack and more similar to the massive assault on Sony's PlayStation Network. The article continued:
At this point, it's pretty clear that hackers are targeting pretty much all of Sony's sites and services, no matter how obscure. Sony should anticipate this and have the security of all of their sites double and triple-checked. As Sophos points out, that will likely cost less than fixing exploits after the fact, not to mention dealing with the fallout of yet another security failure.
Since everything seems to be piling on Sony at the moment, reports are the PlayStation Network hack will cost Sony approximately $170 million. Sony had already been hurt because of the earthquake and tsunami that hit Japan in March.
But there may be a glimmer of positive news out there for Sony. As the Sophos blog said:
While it's cruel to kick someone while they're down, when this is over, Sony may end up being one of the most secure web assets on the net.