You don't really understand how encryption works. You need the key. The key changes.

Security through obscurity is still security. They are still ahead. How can you cite news articles and then say they didn't get bad press over it? You are using the bad press to prove your point! You are proving yourself wrong with your own damned evidence!

Also you might want to read my statements. I never said other companies always told people up front. I made a specific point not to claim that. Many other companies delayed informing people. Most don't. Those that do should be slammed for failing to mention it, because they fucked up.

By the time the encryption is broken the password is changed, and your work is null and void. There is no point in taking encrypted passwords. Thats why you encrypt the passwords. Also, it is known now that the data was un-ecrypted. Sony has admitted as much.

Two important bits here. You can't cite a news source and then say it didn't get coverage. Doesn't compute. Secondly, just because you are hearing more about it does not mean it wasn't covered. Major news outlets have not given this a ton of coverage from what I have seen. They have barely given it any at all until the Senator filed a suit. The gaming news is covering it more. Give you 3 guesses as to why that is.

You also kill another of your points. You try to claim there was a lack of response similar to Sony's, but then go on to state the hack wasn't discovered. Do you see the link there? You can't report a data leak you don't know about. Unless it is discovered there is no way to inform the public. The fact that it wasn't discovered in other cases is big news on its own, but linked to the other info as you have it all it does is invalidate more of your response.

You can always crak the encryption given enough time. Give it a few weeks to potentially years and they can get what the password used to be.

They admitted that passwords were unencrypted?

Jesus Christ.

FUCKING WORDPRESS USES ENCRYPTION FOR COMMENTING.

Fuck off, Sony. Seriously. Just retarded.

You don't really understand how encryption works. You need the key. The key changes.

You really don't understand the word worse do you

You don't need the key, you can break it without the key

"Q: Was my personal data encrypted?
 A: All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack."

I am constantly amazed that anyone in IT would allow unencrypted passwords. I just don't get what they are thinking. There is no benefit to storing that shit in plain text.