On April 19, 2011, Sony’s PlayStation Network was compromised by a hacker (link). Sony believes that user account information was obtained, including the user’s real name, home address, e–mail address, birth date, username, password, credit card number, and credit card expiration date! According to CNN, Sony’s PlayStation Network has 70 million users that may be affected by this data breach.
This is another reminder of how important it is to use separate, strong passwords for each online account that you have. As I mentioned in a previous posting, a recent study concluded that 75% of users had the same password for both their e–mail accounts and their social networking accounts. If hackers are able to obtain your username and password from one company, they may try the same username and password combination at other popular Web sites. The Sony PlayStation Network breach this month follows breaches of personal customer information of Honda and Acura customers in January 2011, McDonald’s customers in December 2010, and Gawker Media users in December 2010. For a detailed list of other reported data breaches, see the list at Privacy Rights Clearinghouse, a nonprofit consumer organization (at this time of this posting, they listed 2,447 publicly–reported data breaches since 2005!).
I’ve previously written about ways to keep track of and securely store your important passwords and online account information. For online accounts, Microsoft recommends creating strong passwords of 14 characters or more with a combination of uppercase letters, lowercase letters, numbers, and symbols. It’s difficult to remember strong passwords, and it’s easy to make a typo when entering them. As I’ve mentioned before, there are tools that enable you to create and maintain an encrypted electronic list of passwords and online accounts on your smartphone or your computer, and these tools can integrate with your Web browser and automatically look up and enter your passwords for your online accounts. For example, LastPass, KeePass, 1Password, and RoboForm, among others.
Remember to let your family members and fiduciaries know where you keep your “master” password to unlock your encrypted electronic list of passwords and online accounts, and make sure they know where your encrypted electronic list is kept too.