Sony: Third Party May Have Accessed 93,000 PSN, SOE Accounts
Run for the hills! Sony have revealed that a third party tried to gain access to a huge number accounts across the SEN/PSN ecosystem by testing thousands of sign-in IDs and passwords against the network. As a precaution, Sony have locked 93,000 accounts to ensure that your data isn’t at risk.
Before people complain about Sony’s poor security, the attack doesn’t seem to be their fault – the sign-in IDs and passwords were taken from “other companies, sites or other sources”. In fact, if it hadn’t been for the initial PlayStation Network hack, and Sony’s pledge to openness, this attempt may not even have been announced. In his first public move since the creation of his new position, Philip Reitinger, SVP & Chief Information Security Officer, Sony Group explained on the PS Blog:
We want to let you know that we have detected attempts on Sony Entertainment Network, PlayStation Network and Sony Online Entertainment (“Networks”) services to test a massive set of sign-in IDs and passwords against our network database. These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources. In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks. We have taken steps to mitigate the activity.
Less than one tenth of one percent (0.1%) of our PSN, SEN and SOE audience may have been affected. There were approximately 93,000 accounts globally (PSN/SEN: approximately 60,000 accounts; SOE: approximately 33,000) where the attempts succeeded in verifying those accounts’ valid sign-in IDs and passwords, and we have temporarily locked these accounts. Only a small fraction of these 93,000 accounts showed additional activity prior to being locked. We are currently reviewing those accounts for unauthorized access, and will provide more updates as we have them. Please note, if you have a credit card associated with your account, your credit card number is not at risk. We will work with any users whom we confirm have had unauthorized purchases made to restore amounts in the PSN/SEN or SOE wallet.
As a preventative measure, we are requiring secure password resets for those PSN/SEN accounts that had both a sign-in ID and password match through this attempt. If you are in the small group of PSN/SEN users who may have been affected, you will receive an email from us at the address associated with your account that will prompt you to reset your password.
Similarly, the SOE accounts that were matched have been temporarily turned off. If you are among the small group of affected SOE customers, you will receive an email from us at the address associated with your account that will advise you on next steps in order to validate your account credentials and have your account turned back on.
We want to take this opportunity to remind our consumers about the increasingly common threat of fraudulent activity online, as well as the importance of having a strong password and having a username/password combination that is not associated with other online services or sites. We encourage you to choose unique, hard-to-guess passwords and always look for unusual activity in your account.
Thankfully, it looks like Sony managed to catch the attempt before any real harm was caused and, at worst, a few people will have to reset their password or call Sony to have their wallet reimbursed.
To ensure you’re not a victim of future attempts, always use unique passwords for every service you use – otherwise you might find that your PSN account has been locked when you try to play the Uncharted beta.
15 Responses to “Sony: Third Party May Have Accessed 93,000 PSN, SOE Accounts”
Good Job, Sony. Hope the one’s responsible get caught.
bet it was Shadow-Runner.
HAHA! Nice…
I doubt it, he was probably to busy protesting corporate greed, while tweeting about his heroic exploits from his iPad, but most likely he was watching anime in his moms basement.
+1
Hackers are the thing of the past for Sony
If I remember correctly, didn’t they say that the hackers from the initial attack stole a bunch of usernames and passwords and would most likely try to sell them and that if they did we might hear about it a few months after the attack? I would think this would be what they were referring to and the 30,000 or so accounts that are locked may be people who just used the same password when prompted to change it after the PSN re-launched. I’m just speculating though.
90,000 or so not 30,000. Read the numbers wrong.
Are these hackers/c**nts scared of MicroSoft? LoL They never seem to try & hack Xbox LIVE(but saying that MicroSoft wouldn’t tell their customers anyway if they got hacked + most internet gaming sites wouldn’t make a big deal of it if Xbox LIVE got hacked anyway, YAWN)
Actually, it appears as if there WAS some cross-checking of usernames and passwords happening on XBL, so this problem is more than just PSN. I’ll say it again, this is why you don’t have the same password for all the sites/services you use
hello …
well i shall check my emails & hope no problems.
cheers
hmmm… it seems everytime sony has major titles upcoming they get attacked by hackers… makes me wonder if these hackers are being paid to sabotage sony/psn. really strange goins-on in the gaming industry these days.
ms has been hacked at least 3 times since inception. and that’s not counting the numerous times ppl have lost their accounts, gamerpoints, and $$. from the random account hackers that plague xbox live. however they really hate admitting that they have security issues.
Nothing happened to me luckily
it takes balls to be so honest and upfront in this sensitive issue
Great Job Sony
this attitude tells me “go and pre order Uncharted 3″
yep, that is my way of saying thank you