More details continue to surface on the full extent of the Sony data breach, all of which makes for a more embarrassing storyline for that company and a more severe warning for all others.
Sony recently announced that the breach, which, when first discovered last month was estimated to have impacted 10 million users, may have been far more serious than once thought.
Sony now says it believes that the breach involved personal information of 24.6 million users of its Sony Online Entertainment service. The previous estimate of 10 million was the total number of users whose credit and debit card information went missing, Sony says, while the names, addresses, email addresses, account user names and passwords and personal phone numbers have been leaked for a total of 24.6 million.
Not only does this attack result in a black eye for Sony’s data security reputation, it also impacts its business continuity and has made it miss out on significant opportunities for revenue while it continues its investigation with the FBI.
“Upon discovery of this additional information, the company promptly shut down all servers related to SOE services while continuing to review and upgrade all of its online security systems in the face of these unprecedented cyber attacks,” Sony’s most recent statement explained. “On May 1, Sony apologized to its customers for the inconvenience caused by its network services outages. The company is working with the FBI and continuing its own full investigation while working to restore all services.”
The breach brings to light the importance of data protection, as seemingly every company is susceptible to the same risks. The financial impact only intensifies these threats, as a study conducted by the Ponemon Institute found the average cost per data breach in the United States jumped from $6.8 million in 2009 to $7.2 million last year.