Sony locks down online accounts after security breach
Usernames and passwords of nearly a hundred thousand users on PlayStation Network, Sony Entertainment Network, and Sony Online Entertainment were verified by hackers recently.
Sony said today it had locked down 93,000 user accounts on its online gaming and entertainment networks after detecting a large number of unauthorized attempts to gain access to the accounts.
Intruders "using very large sets of sign-in IDs and passwords" had brief access to 60,000 accounts on the PlayStation Network and Sony Entertainment Network and another 33,000 accounts on Sony Online Entertainment's servers, Sony said.
The attacks occurred from Friday through Monday and affected "less than one-tenth of 1 percent" of PSN, SEN, and SOE consumers, Sony said in a statement. Hackers succeeded in verifying sign-in IDs and passwords, but Sony said credit card information was "not at risk" during the attack. Sony locked the accounts after confirming the attempts were unauthorized.
"In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks," Sony Chief Information Security Officer Philip Reitinger said on the PlayStation blog.
The compromised accounts also "showed additional activity prior to being locked," but that information has not been detailed. "We are continuing to investigate the extent of unauthorized activity on any of these accounts," Sony said.
Reitinger somewhat hinted at what the "additional activity" could be: "We will work with any users whom we confirm have had unauthorized purchases made to restore amounts in the PSN/SEN or SOE wallet."
Sony is actively sending e-mails to affected consumers who have locked accounts and is requiring them to perform a secure password reset.
PSN hacking is a sensitive subject for many following a month of outages earlier this year that were ultimately pegged to cyberbattacks.
The sheer scope of the, which compromised the personal information of millions of gamers--was a huge smudge on the public perception of the gaming network. In the damage-control department, Sony issued multiple apologies and the promise of a strengthened network, along with giving affected users a $1 million identity theft insurance policy and free games. It also gave all PSN members affected by the outage access to PlayStation Plus for a month.