Cybercriminals Target Sony Ericsson Canada, Steal Confidential Information

By Author: eccuni
Total Articles: 211
Comment this article

In yet another security breach incident, cybercriminals intruded the servers of Sony Ericsson Canada. Attackers were allegedly successful in extracting names, e-mail addresses, and encrypted passwords of around 2000 customers from the website of Sony Ericsson Canada. Information security professionals have temporarily disabled the website, and are investigating the incident. Preliminary investigations have not revealed theft of credit card information. The security breach at Sony Ericsson is the new addition to a fresh series of security incidents on Sony corporations. The latest attack follows security incidents at Sony BMG Greece, So-net Japan, and reported live phishing site on the company's Thailand server. The breach at Sony BMG Greece, resulted in exposure of information related to around 8,500 individuals. Cybercriminals were successful in stealing funds worth 100,000 yen by breaching the security of So-net, the Japanese subsidiary of Sony. Last month, security breach at Sony's PlayStation Network and Sony Online Entertainment resulted in unauthorized access to personally identifiable information related to over 100 million ...
... customer accounts.

Frequent data breach incidents not only attract negative publicity, but also results in loss of customer trust and confidence. Confidentiality and security of customer databases is crucial for undisrupted business operations of a company. Unauthorized access to personally identifiable information may have privacy and financial implications for the affected individuals. Intruders may use the extracted information for identity theft, conducting unauthorized transactions, opening fraudulent accounts, applying for fraudulent credit card and loan accounts.

Affected individuals must immediately seek credit bureaus to issue a fraud alert on their accounts. They must regularly scrutinize their bank and credit card statements and reported suspicious or unauthorized transactions to their respective bank and credit institutions.

Hiring professionals qualified in masters of security science may help organizations in understanding the security scenario, identifying threat vectors and creating a robust IT security policy to safeguard IT infrastructure from security breaches. Regular vulnerability assessment and penetration tests could help in identifying weaknesses and vulnerabilities and initiating mitigating measures. Organizations must have proper patch management policy in place for timely identification and application of requisite security patches and updates. Employees must be encouraged to undertake online degree and e-learning programs to understand various types of social engineering threats and cyber security tips.

Government and industry associations must encourage students to undertake online university degree courses and IT security certifications to meet the future demand for cyber security specialists and strengthen defenses of critical infrastructure facilities and business organizations from vibrant cyber threats.