If you haven't heard now there was a slight (I mean major) problem with the playstation network April 20th, it was hacked! Officials learned days before a hacker stole personal information from its 77 million users.
Yes you read right 77 MILLION people's Name's, Birthdays, email address' and basic login information (address, phone, username, password, and possibly Credit Card info) was compromised for players using its PlayStation Network (PSN). That includes me, I by having a playstation 3 and being on their network is quite certainly on that list.
So what does this mean to everyone NOT on the playstation network?This should be a warning that even Sony, on of the top technologically adept companies is not immune from online intrusions. I'm not too surprised, but they will not be the first or last on that list of corporate hacking casualties moving forward. The good thing is that this will be an example for others to see how things CAN go terribly wrong, then LEARN how to avoid the massive security and PR hit if something like this happens to a Fortune 1000 company.
What can WE do to learn from this? In this world today where Facebook is basically auctioning off your life to the highest bidder, and membership sites are getting profile information hacked... we have to keep a fresh perspective. Like Spiderman's uncle Ben said, "with great power, comes great responsibly" Not every company will always take responsibility for their shortcomings, for every Sony in the news, there are likely hundreds of online stores hacked every month.
Were still living in the infancy of the internet and the new information age. Here is a good example; in the early 1900's when the automobile became popular, there was no car insurance, seat-belts, even driver's licences. The drivers license was actually invented in 1915 by Jim Jordan when he was injured by an underage child driving a car recklessly. The Supreme Court finally passed it in 1923. It took almost a century to perfect the automobile, the infrastructure, and a few generations of humans getting used to the whole idea. The internet is in the same place! Were all getting used to the internet being a CONSTANT part of our lives, not knowing that it's really only about 20 years old. Remember we had Cars around for 20 years before anyone had to even get a licence!
Times they are a changin'. I love Bob Dylan, and he was right, technology and the way of life we see online is now in hyperdrive, so what do we do? We're all sucked into this vortex... do we dare get out, or just ride it out? Here are my 4 easy steps to avoid over-thinking this whole thing and go back to living life:
#1, Get some type of credit card or identify theft protection and check your bank statments. Banks are pretty good about calling you when there is a lot of activity on big purchases these days, but you may not notice that $25 charge every other month. Banking online is OK, it IS about the most secure thing you can do online these days. It is convenient to just log in once a month or so and review all you most recent activities from the month. As a technologist I embrace the convenience, banks have the most to lose in a case of a security breech, so they spend the most money protecting and insuring themselves.
#2, Try and reduce the amount of Credit Cards, Bank accounts, and other credit places of your life. Less is more, keep it simple. Part of the reason why people get robbed is that they have too many places to review every month so they don't even try. If you sign up for a new credit account, or open a new bank account, try to close an old one to make up for it. Otherwise you are creating more work for yourself.
#3, Create and use 3 sets of passwords. This one seams a bit silly, but so true. Start training your kids to setup a standard password system, when they grow up they will have to remember many passwords every day so get organized. I recommend you put your passwords in 3 categories: basic, work, and financial.
Basic Passwords: This is a password you should use for everyday websites like the playstation network, amazon, ebay, yahoo. It does not mean it shouldn't contain letters and numbers, but IF one of these websites get's hacked your going to be ok because there is not banking connections to them. "what about ebay or amazon?" your asking "they have the ability to make purchases in your name". Well, they also have insurance and if they or you get hacked, you can always call their customer service and get any purchases revoked quite easily if you tell them about the security breech.
Work Passwords: DON'T MIX PASSWORDS FROM HOME WITH WORK, often times you may have to give out your work password to a college, or frequently change it because they make you. Using your Basic or Financial Passwords will either cause you to eventually have to tell an IT guy or work partner your password to your life, just to they can help you fix a virus or login to your profile.
Financial Passwords: These are the passwords that are most important, they are usually the longest and hardest to figure out, UPPERCASE lowercase, numbers, symbols, yikes! Yes, you can create one master password here, but only use it to login to your credit card, mortgage, bank account, investor accounts. Anything you can transfer money in and out of from. Don't use it for facebook, that is by far most frequently hacked password these days.
There are many ways to STORE all these passwords, the best way i have found is to use a hand written notebook (it is more likely a thief will get your passwords off your computer than off your desk), consider using a password program like RoboForm or Password Safe. Of course another safe place is to store it in your head. Here is a great article in the NY Times on passwords.
#4, Never respond to an email asking to update or change your password for "security purposes". Banks or Paypal will NEVER ask you to change your password via email. This is a clear attempt to send you to a fake website that looks just like your banks, and when you enter in your username and password and it will give it directly to them. Check the addressbar, it should always read your banks web address.com. The email they give you in those scams will not always take you to the same address that shows in the hyperlink. Bottom line, always use the addressbar to type in bankofamerica.com instead of clicking a link in some email. 99.9% of the time, you will never have to change your password once it has been set anyway, so any email asking you to do so should always be a red flag.
Remember, if you get hacked or your credit card is stolen and used, most banks and credit card companies will refund your the same or next day in most cases of fraud. Be nice to their customer service people and tell them the truth. Have them re-issue you another card witha new number. If you shop online a lot, it's not all that uncommon, so don't think it's the end of the world... it happens every day, take a deep breath and call them... talking to someone will ease your frustration and fear as well as assure you it gets done. Sometimes changing your credit card number is a good thing, it causes you to re-evaluate all those companies setup on a re-occurring charge which could save you some cash in the long run anyway.