Everybody heard was happened to Sony. They got hacked… twice, 100 million user account were compromised, Wired release a chat Log showing show the credit card owners from Sony will lose all they money(http://www.wired.com/threatlevel/2011/05/carders/).
One of the cause why this has possible was because Sony was running an obsoleted version of Apache Web server on their mainframe and they were not using any firewall at all. Now.. is it just me or this seems a very, very, very bad idea even when you a simple HTML site for a third world country company? And the second question that pops into my head: after being hacker the first time, wouldn’t it be a good idea to run a “apt-get dist-upgrade”, even with the risk of 1 day of downtime?(worst case scenario).
At least, they were encrypting the information regarding the credit card accounts. But with what benefit if they forgot to lock the front door?