It's May 4th -- do you know where your data is?
Sony Corporation's headquarters is seen on December 10, 2008 in Tokyo, Japan.
We first heard about Sony being hacked a couple of weeks ago. That's when the PlayStation Network went down. There was no explanation for a few days as the whole thing was dealt with internally, but after the network had been down for five days or so, people began wondering what was going on. They soon found out: a massive security breach, one of the largest in history, in which up to 77 million people had personal information stolen.
Late Monday brought word of a SECOND hack, this one of Sony's Online Entertainment Network. Twenty-four thousand customers had their credit card details ripped off. Sony says the data was old, dating back to 2007. So while it's very likely that much of the information was outdated, one wonders why it was just sitting there on a server in the first place.
We talk to Chet Wisniewski from the security firm Sophos about this. He says that while every company has different approaches when it comes to data retention, there are often problems when a bigger company acquires a smaller one and must become the custodian of a whole bunch of data that might be set up in a completely different way.
We also talk to Erica Newland, policy analyst for The Center for Democracy and Technology's Consumer Privacy Project. She says that among major industrialized countries, there are only two that have no baseline law about data retention: Turkey and The United States. But there's a lot of momentum in Congress to get something done. Sony's recent difficulties would seem to spur that along.
Also in this program, Throwbot is the name being used for what is essentially a robot pirate. It's a tiny little robot that can stick to the side of a ship, climb up, jump the rail, and spy on, well, ACTUAL PIRATES.