PlayStation, Xbox Data Breaches Compromise 2.5M Accounts
Video game fans with user accounts for two popular systems, PlayStation and Xbox, are probably aware by now that the forums for both systems were hacked last week, compromising 2.5 million accounts.
While this is not an actual retail account—meaning the forums were not a place to use a credit card or enter highly sensitive personal identifiable information—it still speaks to a larger threat of possible identity theft.
First of all, user forums are similar to message boards or even social media sites that let fans connect with each other. They’re great places to ask questions, get further information, or point out technical problems. The answers typically come from your fellow users, although many companies have staff who respond as well, just to make sure the information is accurate and that customer service needs are addressed if they arise.
Typically, creating a user account on a forum will require entering your email address, then coming up with a username and password. In these data breaches, that information was all stolen, along with a little more unspecified personal user data.
On the surface, it’s tempting to think that this is a non-issue. After all, what’s a hacker going to do? Log into your forum account and post a ridiculous question? Instead, hacking events of any kind must be taken seriously; they speak to a lack of security, which could mean there are just as many lax protocol issues in other areas of the company. More importantly, breaches like these offer hackers a few pieces of your overall identity puzzle, and with enough pieces, your identity is at risk.
If you’re one of the 59% of tech users who reuse their passwords on different websites, a data breach like this one is far from harmless. All a hacker has to do is try your stolen email address and password combination on other sites and see what he gets. If he strikes data gold and gets access to your email account, it’s a simple matter of going to other major websites and clicking “forgot my password.” The link to reset the password comes to your email address, which the hacker now controls, and then the real theft begins.
It cannot be stated often enough: your online passwords have to be strong and unique. Strong means they contain a long combination of letters, numbers, and symbols, and unique means you don’t reuse them on multiple websites. As an extra layer of security, it’s also a good idea to change your passwords every so often in case news of an old data breach comes up. If your account was breached two years ago without your knowledge, changing your password will help protect that account from new criminal activity.
How much information are you putting out there? It's probably too much. To help you stop sharing Too Much Information, sign up for the TMI Weekly.