Vi ricorderete sicuramente l’attacco informatico di LulzSec ai danni di Sony Pictures. In quella occasione l’hacker aveva dichiarato di esser riuscito a mettere l mani ai dati di 1.000.000 tra utenti e dipendenti di Sony Pictures. Secondo fonti ufficiali il bottino dell’hacker sarebbe stato molto più contenuto, riuscendo a rubare a malapena il 4% di tutti i dati che aveva dichiarato ovvero circa 37.500 account. Ovviamente anche il furto di un solo account è uno scenario inaccettabile che nel mondo professionale non può verificarsi, tuttavia molte persone potranno ora tirare un sospiro di sollievo. Nel server Sony non erano inoltre memorizzati dati di carte di credito ma solo indirizzi, nomi e numeri di telefono. Sony ha già dichiarato che sta collaborando con FBI per rintracciare la fonte dell’attacco. Di seguito vi lasciamo, per i più curiosi, il comunicato stampa ufficiale di Sony in merito alla vicenda.
[toggle_box title=”Comunicato Sony” width=”450″]Sonypictures.com data security incident
June 8, 2011 – Sony Pictures Entertainment (SPE) has provided notice to the approximately 37,500 people who may have had some personally identifiable information stolen during the recent attack on sonypictures.com. SPE did not request, and the stolen information did not include, any credit card information, social security numbers or driver license numbers from these people.
* * * *
On June 2, 2011, we learned we were the target of a cyberattack when a hacker claimed that he had recently broken into sonypictures.com. Upon learning of this cyberattack, our team retained outside experts to conduct an investigation and forensic analysis. In addition, we promptly took offline all potentially affected databases containing personally identifiable information and contacted the U.S. Federal Bureau of Investigation. We are working with the FBI to assist in the identification of those responsible for this crime.
We greatly appreciate your patience, understanding and goodwill as we work to resolve these issues quickly and efficiently.
We are continuing to investigate the details of this cyberattack; however, we believe that one or more unauthorized persons may have obtained some or all of the following information that you may have provided to us in connection with certain promotions or sweepstakes: name, address, email address, telephone number, gender, date of birth, and website password and user name.
For your security, we encourage you to be aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony Pictures Entertainment will not contact you by email or otherwise to ask for your credit card number or social security number. If you are asked for this information, you can be confident Sony Pictures Entertainment is not the entity asking. When our website features are fully restored, we strongly recommend that you log on and change your password. If you use your Sony Pictures website user name or password for other unrelated services or accounts, we strongly recommend that you change them there, as well.
If you have concerns about the effect of this cyberattack on information you may have provided to us, we have listed below additional information and resources for your consideration:
U.S. residents are entitled under U.S. law to one free credit report annually from each of the three major credit bureaus. To order your free credit report, visit www.annualcreditreport.com or call toll-free (877) 322-8228.
At no charge, U.S. residents can have the three major U.S. credit bureaus place a “fraud alert” on your file that alerts creditors to take additional steps to verify your identity prior to granting credit in your name. This service can make it more difficult for someone to get credit in your name. Note, however, that because it tells creditors to follow certain procedures to protect you, it also may delay your ability to obtain credit while the agency verifies your identity. As soon as one credit bureau confirms your fraud alert, the others are notified to place fraud alerts on your file. Should you wish to place a fraud alert, or should you have any questions regarding your credit report, please contact any one of the agencies listed below.
Experian: 888-397-3742; www.experian.com; P.O. Box 9532, Allen, TX 75013
Equifax: 800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
TransUnion: 800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790
You may wish to visit the web site of the U.S. Federal Trade Commission at www.consumer.gov/idtheft or reach the FTC at 1-877-382-4357 or 600 Pennsylvania Avenue, NW, Washington, DC 20580 for further information about how to protect yourself from identity theft. Your state Attorney General may also have advice on preventing identity theft, and you should report instances of known or suspected identity theft to law enforcement, your State Attorney General, and the FTC. For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001; telephone (877) 566-7226; or www.ncdoj.gov.
We will provide you separately with information about a complimentary offering to assist you to the extent you may be interested in enrolling in identity theft protection services and/or similar programs.
We thank you for your patience as we complete our investigation of this cyberattack, and we regret any inconvenience. Our teams are working to restore as soon as possible any website features that have been disabled. Please contact our Toll Free Information Line at 1-855-401-2644, Monday-Friday, between 9 am and 5 pm Central, should you have any additional questions.
Sony Pictures Entertainment Inc.[/toggle_box]