Sony Hackers Stole $253 Million Worth of Music Files

[Esau.]

http://www.wired.com/2012/03/sony-music-hack/

It appears that hackers who breached Sony’s networks last year absconded with more than just the personal information of millions of Sony Play Station users. They also stole more than 50,000 music files, including Michael Jackson’s entire back catalogue of published music, as well as previously unreleased tracks.

The lost music is estimated to be worth around $253 million, according to the Daily Mail. Sony discovered the theft within weeks of its occurrence, but kept the news under wraps, though the Jackson estate was told of the breach at the time. Because no personal customer data was stolen, Sony was not required to publicly disclose the breach.

Sony discovered the hack through routine monitoring of social networking sites, Michael Jackson fan sites and hacker forums, according to the Mail

Sony purchased the Jackson catalogue in 2010, a year after the singer’s death, giving the music giant rights to the catalogue for seven years as well as permission to release 10 new albums of his work. Among the previously unreleased tracks reportedly stolen by the hackers were duets with Will.i.am of the Black Eyed Peas and Freddie Mercury, the deceased former lead singer of Queen.

The hackers also obtained songs by Jimi Hendrix, Paul Simon, the Foo Fighters and Avril Lavigne.

Sony has acknowledged the breach to the BBC, but refused to say how many Jackson files the hackers had downloaded. Sony still possesses copies of all the music, and the breach does not affect its ability to still release albums and individual songs that were taken by the hackers.

The breach occurred last April, around the same time hackers broke into Sony’s PlayStation Network. In that breach, hackers stole the personal data of 77 million registered online gamers and also gained access to credit card data, though Sony insisted that the latter was encrypted and therefore useless to the intruders.

[ollie]

I'm curious why the unreleased tracks were on their "network" in the first place. Sounds like an extremely lax security protocol.

[phishtaper]

i know i should, but i dont really feel sorry for sony.

[TheSloth]

I wrote my term paper on the Sony hack for one of my information system security grad classes recently, on the surface they simply fucked up big time, upon digging deeper they fucked up so massively in so many different categories of information security they probably should have been prosecuted but the laws are just developing in this regard, specifically in regard to how long a company can dick around hoping it wasn't that bad before notifying its customers things were in fact very bad.

For Christ's sake, user names, email addresses, home addresses and passwords were not encrycpted, you can do a lot of damage with that info alone because people use the same passwords all over the place. They should have had their asses handed to them but the laws just aren't there yet.

[phishtaper]

but didnt they offer all breached users a free 99c mp3?

[TheSloth]

Sure did, and some free games! Problem solved.

[bouche]

there was a free month of playstation plus. it auto-renewed if you didn't cancel so i'm sure they nailed a bunch of people who forgot to cancel their "we're sorry" freebie.

Win-win for sony. Lose-lose for customers.

[phishtaper]

they have some good gear, tho. the sony d7 dat recorder was the tapers favourite from 92 to 96 and was responsible for booting most live music back then. the music side must have hated the technology side.

[Hartamophone]

I think it's a little rich of them to be putting a price tag on music that the hackers downloaded that is widely available (so, everything except the unreleased tracks) when no physical copies were stolen.

[ollie]

I think it's a little rich of them to be putting a price tag on music that the hackers downloaded that is widely available (so, everything except the unreleased tracks) when no physical copies were stolen.

Loss of potential revenue?

Edited March 7, 2012 by Guest

[Davey Boy 2.0]

why stop at $253 Million then? maybe they'll end up costing Sony trillions over the next few thousand years

[Hartamophone]

I think it's a little rich of them to be putting a price tag on music that the hackers downloaded that is widely available (so' date=' everything except the unreleased tracks) when no physical copies were stolen.[/quote']

Loss of potential revenue?

Perhaps, although I'm guessing that if someone wanted to illegally download titles from Sony's catalog, he or she wouldn't need to wait for files to be stolen by hackers. I actually wonder whether the stolen files were mass disseminated at all.

[ollie]

why stop at $253 Million then? maybe they'll end up costing Sony trillions over the next few thousand years

I'm not saying the figure isn't exaggerated but to suggest that there would be no revenue loss whatsoever is a bit of stretch as well.

[Esau.]

Perhaps, although I'm guessing that if someone wanted to illegally download titles from Sony's catalog, he or she wouldn't need to wait for files to be stolen by hackers. I actually wonder whether the stolen files were mass disseminated at all.

Sony paid $60 million for over 80 hours of Jackson unreleased rehearsal footage(video/audio) made before his death. I'm guessing that Sony puts a hefty price tag on that stuff alone. I mean, we all know (for the most part) when a label states "unreleased material" that doesn't always mean previously unavailable material. At least on the internet.