Slashdot Mirror

← Back to Stories (view on slashdot.org)

Lawsuit Claims Sony Canned Security Staff Just Before Data Breach

Posted by Soulskill on from the perhaps-a-lesson-has-been-learned dept.

Stoobalou writes "A lawsuit filed this week suggests that Sony sacked a group of employees from its network security division just two weeks before the company's servers were hacked and its customers' credit card details were leaked. The suit, which seeks class action status, is being brought by victims of the massive data breach that took place in April."

6 of 99 comments (clear)

  1. 2 weeks by Aladrin · · Score: 5, Insightful

    Like 2 weeks was enough to cause the massive problems Sony had. Hah.

    No, more like, Sony found out they were incompetent and was firing them for that. Too little too late, obviously.

    And what should have Sony done, when they realized they weren't secure? Shut down their entire business for months until they could hopefully secure things?

    I'm not pulling 'months' from nowhere, either. Sony's Japanese PSN is still down while they secure it because the government won't let them bring it back up.

    --
    "If you make people think they're thinking, they'll love you; But if you really make them think, they'll hate you." - DM
    1. Re:2 weeks by zigziggityzoo · · Score: 4, Insightful

      Or - they were fired, and two weeks later hacked into the systems themselves.

      --
      Zing!
    2. Re:2 weeks by hey! · · Score: 5, Insightful

      We're speculating here, and it's easy enough to cast the fired guys as villains or victims depending on what you want to imagine.

      In the universe where they're victims:

      That the security breech occurred so soon after these guys were fired is far from proof that they were incompetents. Two weeks is plenty of time for key systems to be mis-configured by a replacement who doesn't understand what's going on, or to fail to perform some important maintenance task like applying a critical security patch. It is also possible that the attack ought to have been detected and contained, but there was nobody left who knew how to do that.

      In the universe where they're villains:

      That the security breech occurred so soon after these guys were fired suggests they failed to secure the system, or were in fact actually malicious themselves. Two weeks would not be enough time to fix much after you fired them.

      In any conceivable universe:

      It would be stupid fire all your security guys for incompetence without bringing in replacements *first*. Even if these guys are incompetent, they know details that their competent replacements will need to know, and which are probably not well documented. Not knowing these details would set the competent replacements back far enough that they might take several more weeks to get things locked down properly.

      Being prepared before you give the old team the boot goes even if you have *malicious* network guys. If management knows its job, they get the security tiger team AND the legal team AND the computer forensics team ready for action before the evil admins realize anyone's on to them. Then one morning the admins find themselves locked out of work and subpoenaed, and the systems all shut down damn the cost until the new security team say it's kosher to open for business.

      In the universe we actually live in:

      As yet we know very little about how the security disaster happened, and have no idea whether the events mentioned in the lawsuit are relevant at all.

      --
      Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
  2. Built-in defense by DaveV1.0 · · Score: 1, Insightful

    "They weren't doing their jobs so we fired them. Why do you think the intrusion happened in the first place?"

    --
    There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
  3. Re:Are they responsible? by marcosdumay · · Score: 4, Insightful

    Maybe they were fired because they complained too much that Sony didn't care about security. Or that they upped that complain into the CEO, that preferred the CIO version. Maybe they threatened to make the problem public and their boss didn't like it. Maybe they weren't seen as productive because they kept fixing things the entire day, instead of helping build new things, and were understaffed. Maybe the company didn't like the policies they tried to put in place, so not only didn't accept the policies, but also fired them (this option seems to be quite likely). Maybe they weren't competent enough to put some good security in place, but still dedicated enough to security so that they anoyed people. Or, finally maybe they were justly fired by incompentence.

    --
    Rethinking email
  4. Re:So they sacked them too early by Jah-Wren+Ryel · · Score: 3, Insightful

    And never tell an IT working they are being sacked until they are already gone and passwords have been changed.

    That is terrible advice, especially the "never" part.

    There is a cost to treating employees that way - it promotes a pervasive culture of distrust within the company that can be extremely damaging. It tends to chase the best and brightest on to somewhere else where they feel more respected and encourages a punch-clock mentality among those who do stay.

    It isn't like a unilateral policy is a guarantee against sabotage anyway - it doesn't take a whole of lot of brain-power for an off-balance IT guy to set up a dead-man's switch that will kick off a bunch of havoc unless he logs in to disarm it on a regular basis.

    Far better that managers should actually manage and determine on a case by case basis if the person being terminated requires exceptional handling or not.

    --
    When information is power, privacy is freedom.