Icyedge said:
Is it common practice to encrypt users data such as name and adress on an already protected server? I cant think of any company that actually does that, including the company I work for and the one I work with before. With that said, maybe we should pass a law that requires companies to do so, im all for more protection, feel free to point me to a source if this is already required. |
There seems to be some common misconceptions floating around. It seems the credit card information
is transferred unencrypted at the moment somebody tranfers data to/from PSN. However, the credit card information on the server side is stored encrypted. So the russian hackers got plain text user information and encrypted credit card information. As you wrote above, this is the usual mix of data any company uses. All this whining "My card was charged recently, I want to sue Sony" is typical of American behaviour of trying to make a fast buck, and I sincerely hope all those lawsuits will be going nowhere and will backfire.
Incidentally, a large German online company has just issued a warning to all its users that their database was recently compromised and sensitive cc data might have been stolen. So this seems like a concerted effort by professional hackers (indications point to Russia/far East at the moment) not solely pointed towards Sony.
