Spafford states that security experts monitoring open internet forums had found out that Sony was running outdated versions of the Apache web server, with no patches applied. To make matters worse, Sony did not have a firewall installed. Topping it all off, these security experts reported these flaws months before the current breaches on security forums monitored by Sony employees. Wow.
"If Dr Spafford's assessment is accurate, it's inexcusable that Sony not only ran obsolete software on servers containing confidential data, but also that the company continued to do so after this information was publicly disclosed," said Jeff Fox, Consumer Reports Technology Editor.
Let's be clear here: the folks who stole the data are criminals and need to be apprehended. However, if Spafford's story is true, and you'd think that you wouldn't lie during a congressional hearing, you can easily argue that Sony are criminals as well.....This is going to cost them dearly in law suits and damages - and rightfully so.
For any PS3 owners out there, I'd suggest trading everything in and get a 360 instead. Also change your credit/debit card just in case, since the hackers have, if my sources are correct, 77 million accounts of peoples information from the first hack, and over 25 million from the second hack.
- Zeowingsfan likes this