Sony Locks Down 93,000 Playstation Accounts After Hacking Attempt
It's a familiar story that Sony is probably tired of telling. But its new senior vice president and chief information security officer had the unfortunate honor of telling it once more: Hackers have attacked the PlayStation Network. The company has temporarily locked down 93,000 accounts.
Philip Reitinger, Sony's security guru and former U.S. homeland security officer who joined the company in September, said the electronics giant has detected attempts on Sony Entertainment Network, PlayStation Network and Sony Online Entertainment services to test a massive set of sign-in IDs and passwords against its network database.
"These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources," Reitinger wrote in a blog post.
"In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our networks. We have taken steps to mitigate the activity."
Picking Proper Passwords
Although Reitinger said less than 0.1 percent of its audience may have been affected, the security expert decided to temporarily lock those accounts. Sony is reviewing the accounts for unauthorized access, and promised to update the world when it gets more information.
Reitinger assured Sony customers that credit card numbers associated with their accounts are not at risk, and the company will work with any users whose account balances were used for unauthorized purchases. Meanwhile, Sony is requiring secure password resets for account that had both a sign-in ID and password match in the latest hack attempt.
"We want to take this opportunity to remind our consumers about the increasingly common threat of fraudulent activity online, as well as the importance of having a strong password and having a username/password combination that is not associated with other online services or sites," Reitinger said. "We encourage you to choose unique, hard-to-guess passwords and always look for unusual activity in your account."
Sony's Dark Clouds
Sony took a black eye in April when hackers infiltrated its Sony PlayStation Network. Just weeks later, LulzSec, the same hackers who broke into the PBS Web site and led many to believe that murdered rapper Tupac Shakur was still alive, took responsibility for another attack on Sony Online Entertainment. During that attack, information from some 100 million user account profiles was exposed.
Shares in Sony stock have plummeted a whopping 55 percent since the company admitted to the massive hacking on April 27. The PlayStation hack rattled investor confidence in Sony's plans to expand into online music and movie distribution, and at the same time the electronics giant's TV business saw losses and economic conditions in general worsened.
"Sony probably hoped that the dark clouds of security problems had passed since earlier this year. The problem is really one of customer perception. Rightly or wrongly, customers will continue to associate Sony with security breaches -- and that's not going to be good for the brand," said Graham Cluley, a senior security consultant at Sophos.
"Next time people are in the shops deciding whether to buy a Sony, a Nintendo or a Microsoft Xbox, it's possible that incidents like this may sway customers away from the Sony console."