Threat of the month: PlayStation breach
Randy Abrams, ESET
The Sony PlayStation Network/Qriocity service breach of 77 million records contained a twist that makes it dangerous.
How does it work?
Not only were names, email addresses, billing addresses and passwords leaked, but the answers to security reset questions were leaked as well. This means that simply changing a password on the Sony network isn't going to protect other accounts that use challenge questions.
How can I prevent it?
If you are/were a user of the service, then you need to check all of your other accounts to see if you have password reset or security questions and change them if they are the same questions as used by Sony. I have long advocated using incorrect answers because the right answers are often easy to guess or learn. In this case, if you used the same wrong answer in other places in addition to Sony, you'll need to change those too.
