Last week 100 million identities were stolen. If you're a member of Sony's PlayStation Network or Sony Online Entertainment, your user account data may be among the vast cache raided by an unknown hacker. The stolen information included names, postal addresses, email addresses, birth dates, account logins and passwords. Credit and debit card data may have been stolen too.
If this was an isolated incident, it would be bad enough. But it's the tip of the iceberg.
Last month, online marketing giant Epsilon was hacked, exposing the names and email addresses of millions of people in what may be the largest data breach in U.S. history. But wait, there's more:
According to the Open Security Foundation, an organization that compiles incidents of data breaches, there were 51 reported breaches in April alone; the total for 2010 is 486. The good news–if there is any–is that the number of incidents has been going down.
Still, these data breaches come at a steep price. Security experts estimate that Sony may shoulder as much of $2 billion in related costs, not including loss of customer loyalty. Those whose identity was stolen may have costs related to credit card fraud or possibly have their bank accounts emptied if criminals obtained debit card information. Then there's the added anxiety from not knowing what might happen.
As more of our personal information and digital lives are stored in the cloud, data security becomes even more important. Yet no one seems immune from attack. As I wrote last week, the clandestine group Anonymous broke into the servers ofÂ security firm HBGary.Â These are the guys that “provide tools and services to serve the American government and employers who need to protect their assets and information from espionage and international and domestic terrorism,” according to their website.
So what can you do to protect yourself?
BBC News asked a panel of experts to weigh in on the Sony crisis. Graham Cluley, a senior security consultant at Sophos, recommends using different passwords for each of your accounts, always a good idea. If one is stolen, the rest won't be compromised. “It may also be that people should consider having a different credit card for online purchases.”
He also offered this surprising advice: “People should also consider lying about some of their details. I have given Facebook a phoney date of birth for instance.” Does using fake information open up a can of worms? Unless you keep track of it, it could come back to bite you.
Unfortunately, personal information has become almost as valuable as gold and at the moment, the gold diggers seem to be gaining the upper hand in the Data Wars.