Sony Left Personal Data for Millions Unprotected
A spreadsheet leaked by unidentified hackers and obtained by Gawker shows just how little Sony cared about the privacy of its customers and employees: millions of private records were stored without any encryption.
We've already seen how lax Sony's security standards are—the company was storing its secret passwords in giant, obviously titled text files, and just this year decided to not inform the victims of a February server breach. This newly discovered document from 2011 shows that not only is Sony's security bad, but Sony knows its security is bad. It's one big admission of ineptitude.
In the spreadsheet, Sony compiled a full list of its online properties like Crackle and SonyPictures.com, noting how many individual records are hosted on each and whether they're encrypted. The report is bleak: virtually all of the sites were hosting tens of thousands (or in some cases, millions) of personal records sans encryption of any kind—meaning anyone who got their hands on the data would be able to sift through it at will.
You can read the list in its entirety below: