It's not more funding they need; it's people that actually know what they're doing. Let's face it: all systems are hackable in some way, but it is the security's job to make those hacks have minimal effects. This skill requires people who actual know the general security principles that are taught at most technical institutes today.

You can't possible make that judgement from outside. If their security team consisted of two people, the surface area was just too large. In that situation, id be worried about protecting trade secrets and intellectual property and to hell with the web sites.

If it consisted of 20 people, I would agree with you: they would still be hackable, but the embarrassing simplicity of the hacks should have been covered.

Without knowing details of the team, it is just an unsubstantiated guess and/or heaping crap on Sony (who, as a company, i can't stand).

If their team consisted of two competent people, they would have made a stink about storing passwords in plaintext. They wouldn't have been able to make sure the website was secure, but they could have minimized the fallout from a breach.

Not with as distributed as Sony is. Remember, Sony is not a single company. It is like a gazillion companies, divided by country and business type. Have you ever tried communicating across business units in a large, multi-national company? It is a nightmare.

I'm not excusing Sony: they screwed up big time. I'm simply saying that we can't infer that their security team (if it even exists) is incompetent.

Agreed. They're loosing customer data, which is bad, but they're not a web company. If the schematics and firmware for their computers, TVs, cameras, media players, or PlayStations was leaked, then Sony would be more concerned.

I'm surprised the hackers are still going after customer data, and haven't started targeting IP yet.

My guess is that the hackers are going more for publicity than for anything else. As much as it should be, stealing the firmware for the PS3 isn't really "newsworthy"; stealing a million credit cards gets you on every front page in North America.

We would likely have no way of knowing if the hackers were going after the IP. Sony just may have that security right.

I don't know why we are so sympathetic towards them - either they are just bad at security or understaffed and thus just can't maintain everything. Both options are about as probable.