Sony Hacked for the nth Time: Hackers Now Smarter? Or Sony Hasn't Learned?
An important announcement from Sony's Chief Information Security Officer was put up in the Sony blog. There have been attempts to hack the database networks which might have affected less than 0.1% of the users of Europe.
Sony has detected attempts on Sony Entertainment Network, Playstation Network and Sony Online Entertainment to test a massive set of sign-in Ids and passwords. They have claimed that the data used in the attempt was obtained from one or more compromised lists from other companies, sites or other sources. Most of the log-in attempts have failed and Sony has taken steps to stop the attempts.
The announcement claimed that 93,000 accounts globally have succeeded in logging in and a small fraction of those accounts have shown additional activity before being locked by the company. There were approximately 60,000 accounts compromised with the PSN/SEN and 30,000 accounts with SOE. The company is now reviewing the accounts for unauthorized access and will provide more updates when it is done. The company also stated that the credit card connected to those accounts are safe and will be in contact to users to restore any amount made by unauthorized purchases.
Affected accounts are required to replace their passwords for their PSN and Sen accounts. They will be contacted by Sony via e-mail to inform them about the breach. The users would also have their accounts temporarily turned off and must validate with Sony in order to turn the accounts back on.
"We want to take this opportunity to remind our consumers about the increasingly common threat of fraudulent activity online, as well as the importance of having a strong password and having a username/password combination that is not associated with other online services or sites." the announcement warns the users to secure their accounts.
Sony has been targeted with hacking for the past months this year. The first being orchestrated by group LulzSec that also revealed security issues within Sony servers resulting in millions of private details being leaked. Since then Sony has taken steps in securing their servers. Evident of this is this failed attempt at hacking the servers again. At this time no one knows how much damaged is caused to the 93,000 accounts that were hacked.
This recent attack is still covered by the free 12 month insurance package offered by Sony from Affinion International Limited. PSN customers under the age of 18 is not qualified for the insurance. The insurance package includes personal information protection, a help hotline and financial protection.
Questions raised after the incident: Are people still angry over their handling of the Geohot case. If not, did Sony put down its defenses again? Did the attack really happen to just 0.1% of users? Given that this is not the first time, we'll probably hear from Sony and security breaches again.