Ad: Manage updates with the Download App
  • CNET
  • All breach posts

breach

The PlayStation Network breach (FAQ)

It's been a roller coaster of a couple of weeks for Sony and its customers.

At first what seemed like an embarrassing network outage that kept customers from accessing PlayStation Network, Sony's online game play and streaming video service, turned out to be much worse: a sophisticated cyberattack made off with the customer data of 77 million PSN and Qriocity customers.

Sony wasn't very forthcoming with information at first--it was a couple days before it acknowledged why PSN was offline, and two days after that it confirmed the security breach. Then over the weekend, the No. 2 … Read more

Sony Online Entertainment data may have been stolen

Sony Online Entertainment was taken offline today and the company warned users of the service that their personal data may have been stolen as part of the computer attack that exposed the information of as many as 77 million PlayStation Network accounts two weeks ago.

Earlier today, the SOE site, a multiplayer online game service, said "SOE MAINTENANCE In Progress," followed by a message: "Dear Valued SOE Customers, We have had to take the SOE service down temporarily. In the course of our investigation into the intrusion into our systems we have discovered an issue that warrants … Read more

Governments press Sony on PlayStation breach

As Sony works to bring its PlayStation Network back online following a security breach last week, more government agencies are seeking answers from the company.

The U.S. House of Representatives subcommittee on Energy and Commerce sent a letter to Sony Computer Entertainment America Chairman Kazuo Hirai today, posing more than a dozen questions about the nature of the breach, Sony's policy on data protection and privacy, and its plans for compensating customers.

In the letter, the committee's chairwoman Rep. Mary Bono Mack (R-Calif.) said it would like to know how the intrusion on Sony's network occurred … Read more

Hackers claim to have stolen PSN credit card info

Security researchers say hackers claiming to have credit card information stolen from Sony's PlayStation Network last week are trying to sell that information on underground Internet forums, but the veracity of the claims could not be confirmed.

Sony warned its more than 70 million customers on Tuesday that their personal information--including customer names, addresses, e-mail addresses, birthdays, network passwords, and user names, as well as online user handles--was obtained illegally by an "unauthorized person." Sony responded to the intrusion, which occurred between April 17 and 19, by temporarily disabling PSN and Qriocity, its subscription music service, and … Read more

DSLReports says member information stolen

Subscribers to ISP news and review site DSLReports.com have been notified that their e-mail addresses and passwords may have been exposed during an attack on the Web site earlier this week.

The site was targeted in an SQL injection attack yesterday and about 8 percent of the subscribers' e-mail addresses and passwords were stolen, Justin Beech, founder of DSLReports.com, wrote in an e-mail to members. That would be about 8,000 random accounts of the 9,000 active and 90,000 old or inactive accounts created during the site's 10-year history, Beech said in an e-mail to CNET today.

"The data was taken on Wednesday afternoon, recognized and blocked at 7 p.m., and by Wednesday evening all the active accounts received e-mail notifications advising them to change their password if they share it with that e-mail address and all passwords were changed at that time," he wrote. "My hope is that few if any members will actually lose more than time to change passwords that they share among other sites."

The site has reset the passwords for those affected and members who use the same password on other sites, as noted above by Beech, were urged to change those passwords to prevent those accounts from being compromised. … Read more

Are fraud reports related to Sony breach?

Reports are trickling out from Sony PlayStation Network users about recent fraudulent charges on the credit cards they used for the PlayStation service. But it can't be substantiated at this time whether the fraud is a result of the data breach at Sony, and the timing of the reports could be coincidental.

Sony warned yesterday that customer names, e-mail addresses, birthdays, passwords, usernames, and possibly credit card account information was obtained by an "unauthorized person" between April 17 and 19. As many as 75 million customer accounts are affected.

The company has not said how the breach … Read more

Five questions for Sony about PSN breach

After a week of PlayStation users wondering why they couldn't access PlayStation Network, Sony dropped the bomb yesterday: someone had gained access illegally to the personal information of more than 75 million of its users, forcing the company to shut down PlayStation Network and rebuild it, along with the related media download service Qriocity.

Sony had issued a few brief updates late last week and over the weekend acknowledging the service's outage and then an "external intrusion," but it didn't explain the consequences until yesterday.

The information exposed includes customer names; addresses; e-mail addresses; birthdays; … Read more

Software firm says e-mails stolen in server breach

Ashampoo, a German maker of Windows utilities and security software, warned this week that customer names and e-mail addresses were stolen and could be used in targeted malware attacks.

"Hackers gained access to one of our servers. We discovered the break-in and interrupted it instantly," Ashampoo Chief Executive Rolf Hilchner wrote in a message on the company Web site earlier this week.

Billing information, including credit card and bank account numbers, was not affected, he said, adding that German law enforcement is investigating but "unfortunately, the traces of the well-concealed hackers currently disperse abroad."

Attackers often … Read more

Verizon: More breaches but less data lost. Huh?!

Verizon's Data Breach Investigations Report for last year is a bit of a head scratcher. It shows that while the number of data breaches from cyber attacks rose, the amount of compromised records lost has fallen.

While there were 760 data breaches recorded by Verizon and the U.S. Secret Service in 2010 (up from about 140 in 2009), there were only 4 million compromised records involved (way down from 144 million in 2009), according to the Verizon 2011 Data Breach Investigations Report scheduled to be released on Tuesday. The figures represent both a record high number of incidents … Read more

Privacy 'bill of rights' exempts government agencies

news analysis Two U.S. senators introduced sweeping privacy legislation today that they promise will "establish a framework to protect the personal information of all Americans."

There is, however, one feature of the bill (PDF) sponsored by senators John Kerry (D-Mass.) and John McCain (R-Ariz.) that has gone relatively unnoticed: it doesn't apply to data mining, surveillance, or any other forms of activities that governments use to collect and collate Americans' personal information.

At a press conference in Washington, D.C., McCain said the privacy bill of rights will protect the "fundamental right of American citizens, … Read more