I found a lot of erroneous assumptions, and massive generalizations in this thread. Firstly leaks and hacks are not actually the same thing. Poor design philosophy is neither of those either. A hack is an attentional act to obtain information that a host does not want accessed, and is actively denying. A leak is a release of information that should not be viewed by the public. This can be both intentional or unintentional. A poor design philosophy say a device that collects, and retains some information that could harm a user if if fell into the wrong hands. All these things are different, and you cannot substitute one for another.
Secondly rarity is only valid in comparison to a bulk. You cannot simply cite examples as a proof of commonality. That logic only would apply to disproving an anomaly. To prove rarity you need to divide the number of incidents by the number of sites. In this case I would say hacks are rare, hacks that obtain personal information are rarer, and hacks that access what are truly massive databases are excedingly rare. So yes this was a very rare event, and the scale of breach is noteworthy. The scale of the breach is also grounds for real concern and consternation. Sony in its breach allowed access to data that might take hundreds or thousands of smaller attacks to obtain. All of which would never have happened simultaneously. This is going to cost a lot of money for Sony, consumers, financial institutions, and governments. To put it plainly Sony just cost you money whether you are a direct victim. Your tax money is going to have to pay for this.
Thirdly everyone doing something is neither a justification or a excuse. That is not a opinion either. That is the law. You are responsible for your own conduct. What anyone else does is irrelevant. Whether anyone else gets caught is also very much irrelevant. Sony gambled with security, and they got caught. They probably aren't even sorry for what they did. They are just sorry they got caught. They shorted on security, and they got ransacked. The difference between Sony and the other offenders is that Sony had a lot more to be sorry about. Big targets are inviting targets. They are just plain guilty as charged. There is no excuse for their part in this fiasco. So do not make excuses for them.
What I find ironic in all this hand wringing with the security breach is that nobody seems to understand how incredibly lucky both Sony and their customers were. The system was breached by what appears to be theives. Imagine if it were the cyber equivalent of arsonists. Imagine if they had placed malicious code into a system patch. The PS3 today could be labeled the Chernobyl of home electronics. Imagine millions of consoles locking up in the coarse of a day. Had these hackers been concerned with something else, or perhaps a little more skilled upon getting inside they might have just plain killed the console. Just consider that before you excuse Sony. Would you be doing that if the Hacks damage was a little less then theoretical. Would you feel this way instead of some stolen data you might have a brick that could take months to replace?
