Sony PS3 Website Hacked

Sony’s web security disaster is just the latest example of when bad things happen to good websites.

Hackers used SQL injection to “add unauthorised code to pages promoting PlayStation games SingStar Pop and God of War. The malware claims to undertake an antivirus scan and displays a fake message stating that the visitor's computer has been infected. The visitor is then urged to purchase a bogus security product to clean up the 'infection'” (

Big websites are simply big targets for cyber-criminals. Not that being small is any protection; hackers can and do use tactics that can attack hundreds of thousands of websites at the same time, and the size of the website is completely irrelevant.

These kinds of attacks happen pretty much every day and can potentially leave millions of people vulnerable to ID theft. But don’t take my word for it. Check out the latest updates on security breaches in the Tech//404 Data Loss Archive. Or calculate what a security breach could cost your organization with the Tech//404 Data Loss Cost Calculator.

The calculator tool shows an "average"-sized security breach could cost an organization between $9 million and $14 million in legal bills, damage control and after-the-fact security application deployment. Even the biggest organizations can be crippled by these kinds of damages. Smaller ones would be put out of business overnight. Whether organizations are big or small, web application security needs to be taken seriously -- ideally in the development stage, before the application even goes "live".

Has your company's website undergone a web application security audit? Bad things happen to good websites all the time.