Sony owned by hackers: is this the Big One?

So, should we talk about privacy now?

When Sony was first hacked in April, losing the personal info of 77 million PlayStation users to unknown attackers, I predicted the incident would likely have no impact whatsoever on the way companies and users deal with privacy. Yes, it was a massive breach. Yes, Sony failed to take simple precautions to protect its customers. And no, Sony was not respectful or clear with their own customers in explaining the incident.

But so what? To the 77 million compromised gamers, it is still difficult to say what exactly they lost. We’ve yet to see any large-scale fraud, and in the short term, Sony has bought back the business—if not the sympathies of these individuals—by throwing them a couple of free games. Well, not all of them—there is the inevitable class-action suit underway. But still, for privacy on the web, it’s been business as usual since the Sony hack.

So what would bring a privacy Chernobyl? A massive meltdown that would make us rethink the very act of sharing information with massive companies who do not necessarily have our best interests in mind? Perhaps, I speculated, if the Sony hackers dumped all of the data into the open Web where anyone could use it for any purpose, maybe then we’d have a long overdue conversation about privacy.

Well, it’s happened. And it’s happened, once again, to Sony.

LulzSec, the new kid in town when it comes to fun-loving info-anarchist vigilantism, has followed up their recent PBS attack with a crippling attack on Sony Pictures’ website. With little effort (they claim), LulzSec scraped one million names with corresponding email addresses, home addresses, telephone numbers, usernames and passwords—and they dumped all of the data into BitTorrent.

This may seem like a smaller breach than the initial Sony hack. In terms of the number of people affected, it certainly is. But the severity of the leak could be much, much greater. Sony will scramble to ameliorate things, some will sue, many will change their usernames and passwords, some will change their email addresses and even cellphone numbers. But home addresses?

These million of users are now the go-to targets for every fraudster, spammer and scumbag on the Internet. Thanks, Sony!

So…should we talk about privacy now?