It’s funny how these things go, isn’t it? First, some claimed that Sony stored their passwords in plain text instead of hashed, like is common in the industry. This was shot down by Sony. The next misconception that came up was that Sony didn’t encrypt its credit card information when, in fact, they did. Hit the break to check out how the latest rumor has been debunked.
The latest rumor was that Sony’s Apache servers were out of date and without firewalls. Now, along with the previous rumors, this one has been debunked. Sony’s Patrick Seybold, which seems to be a household name by now, talked about how everything was updated and ready to go.
“The previous network for Sony Network Entertainment International and Sony Online Entertainment used servers that were patched and updated recently, and had multiple security measures in place, including firewalls.”
Don’t want to take Sony’s word for it? Someone on the forums at Beyond3D dug up additional evidence that Sony was actually using the latest up-to-date Apache version available, version 2.2.17. As much as it is hard for all of us – me included – to be patient with Sony at this point, it doesn’t seem to ultimately have been an issue with their security, because they were doing what was “industry standard” the whole time. This means that any company out there could have been attacked and brought down in this manner, it just happened to be Sony that this group of hackers went after.