SOE Confirms Security Breach, Non-US Card Data Stolen
See Full ImageEarlier today, Sony was forced to bring down the Sony Online Entertainment services and unfortunately, they had good reason to do so.
It has been confirmed that SOE suffered a similar security breach to the one that hit the PlayStation Network last week: around 24.6 million accounts, including 12,700 non-U.S. credit or debit card numbers and expiration dates, have been stolen. The theft occurred between April 16 and 17 and Sony's statement is as follows:
"This information, which was discovered by engineers and security consultants reviewing SOE systems, showed that personal information from approximately 24.6 million SOE accounts may have been stolen, as well as certain information from an outdated database from 2007. The information from the outdated database that may have been stolen includes approximately 12,700 non-U.S. credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, Netherlands, and Spain."
So the good news is that the information comes from 2007 and secondly, there's no evidence of stolen American credit or debit card numbers. However, hackers obtained plenty of info from those 24.6 million compromised accounts, such as names, addresses, e-mail addresses, birth dates, genders, phone numbers, login names, and passwords. SOE did mention that the password data is stored in hashed form and not plain text.
SOE has said they will add 30 days of free game use to current customers, and they will also offer a one-for-one match of free game time for each day that servers are offline. Hopefully, they won't be down for as long as the PSN...that would be bad.
Tags: soe, sony online entertainment, psn, psn outage
5/2/2011 7:07:24 PM Ben Dutka
Put this on your webpage or blog:
Email this to a friend
Follow PSX Extreme on Twitter
Comments (70 posts)
tayizfire
Monday, May 02, 2011 @ 9:53:50 PM
1 up, 7 down
Jawknee
Monday, May 02, 2011 @ 11:17:53 PM
3 up, 0 down
Dreno
Monday, May 02, 2011 @ 7:45:57 PM
Reply
So are psn and soe are seperate?
Cause id hate to have to worry about my personal info again...
1 up, 0 down
friction
Monday, May 02, 2011 @ 7:48:54 PM
1 up, 0 down
friction
Monday, May 02, 2011 @ 7:46:30 PM
Reply
5 up, 0 down
Jed
Monday, May 02, 2011 @ 7:49:07 PM
Reply
11 up, 1 down
Robochic
Monday, May 02, 2011 @ 7:57:06 PM
Reply
DAMN U HACKERS, I hope they find you....
1 up, 0 down
Dreno
Monday, May 02, 2011 @ 8:05:57 PM
Reply
But damn, sony can't seem to catch a break.
Just call mcclain from die hard, we seen what he did to timothy olyphants hacker character in live free or die hard.
Can I get a yippy-ki-a mother f**ker.
5 up, 0 down
The Doom
Monday, May 02, 2011 @ 8:10:18 PM
Reply
4 up, 0 down
jimmyhandsome
Monday, May 02, 2011 @ 8:15:36 PM
Reply
Hopefully no non-US SOE members took Highlander's word for it that their servers being down was just preventative "patching" as he said earlier today. He'd have you thinking your CC info was safe.
2 up, 7 down
Ben Dutka PSXE [Administrator]
Monday, May 02, 2011 @ 8:19:08 PM
If you want to be pissed off and voice your opinion, fine. That's what comments are for. But really...name-dropping to purposely cause personal disputes? You're better than that.
11 up, 3 down
Lord carlos
Monday, May 02, 2011 @ 8:29:01 PM
Let the anger flow.
With each passing moment you become more my servant.
Oh i'm afraid the deflector shield will be quite operational when your friends arrive!
HA HA HA.
10 up, 0 down
sha4dowknight05
Monday, May 02, 2011 @ 9:11:48 PM
2 up, 0 down
bearbobby
Monday, May 02, 2011 @ 9:18:29 PM
7 up, 0 down
FatherSun
Monday, May 02, 2011 @ 9:41:15 PM
Imagine VII, VIII and IV! Or do you consider it over?
2 up, 0 down
jimmyhandsome
Monday, May 02, 2011 @ 9:51:03 PM
@ Lord Carlos, you take your avatar and PSX ID to a whole new level. And I like cookies. Preferably no-bake oatmeal raisin.
3 up, 0 down
Clamedeus
Monday, May 02, 2011 @ 9:54:32 PM
3 up, 0 down
Underdog15
Monday, May 02, 2011 @ 10:12:55 PM
It's not really fair to only quote someone on what you want to quote. I also don't think it's fair to never assess the whole of a post. It's not fair.
Last edited by Underdog15 on 5/2/2011 10:13:37 PM
1 up, 2 down
Highlander
Monday, May 02, 2011 @ 11:17:30 PM
As it happens, my post was perfectly correct.
I said this: "Well, I'm thinking this is either a case of them finding a big known vulnerability in their systems ,that is known to have been exploited, so they have to take things down immediately and fix it...Or someone planted a back door in their system...Or someone was still in their system...Or someone planted a virus/trojan of some kind during the main intrusion."
In other words whatever the reason for the outage it was undoubtedly related to the PSN hack.
Sony's engineers and the third party consultants were conducting a review of SOE's systems as part of the security check on Sony's networks after the PSN hack, and they discovered the problem. Rather than it being a simple case of the same or similar vulnerability requiring patching (although I'm certain that is required also, because the same vulnerability was almost certainly exploited in both cases), it seems as though the SOE hack actually pre-dates the PSN hack. In fact they may have been part of the same attack, and SOE was used as a stepping stone to access PSN. The attackers will have gained knowledge of the system configuration of Sony's servers and perhaps even used that to attack PSN.
You know, now I'm sure about you. thanks for making it easy to be sure.
3 up, 3 down
Highlander
Monday, May 02, 2011 @ 11:34:57 PM
Apparently, Sony's engineers and the third party consultants were conducting a review of SOE's systems as part of the security check on Sony's networks after the PSN hack. During that system audit they discovered the problem. Rather than it being a simple case of the same or similar vulnerability requiring patching (although I'm certain that is required also) they found that SOE had also been hacked. Significantly SOE was hacked the day before PSN was. In fact this may have been part of the same attack, with the successful attack on SOE used as a stepping stone to access PSN. The attackers may have gained knowledge of the system configuration of Sony's servers and perhaps even used that to attack PSN.
I'd also add, that it's interesting that SOE didn't know of the attack, but PSN detected an attack on it while it was in progress. It's interesting because SOE has been in the online game for a logn time now and has good experience with building robust and secure systems. Yet it was the attack on PSN that was detected and foiled, where the attack on SOE was not detected until later.
Unfortunately the attack on SOE more closely matches the norm because most organizations that have been hacked don't know about it, and many never find out. Those that do seldom report the matter long after the fact.
4 up, 1 down
Danny007
Monday, May 02, 2011 @ 8:22:11 PM
Reply
Last edited by Danny007 on 5/2/2011 8:23:42 PM
5 up, 1 down
Excelsior1
Monday, May 02, 2011 @ 8:52:46 PM
Reply
3 up, 1 down
Phoelix
Monday, May 02, 2011 @ 8:53:42 PM
Reply
I wonder if they will publish specifically how the hacker(s) got in (if they ever find out).
0 up, 0 down
Highlander
Monday, May 02, 2011 @ 11:37:31 PM
1 up, 1 down
Highlander
Tuesday, May 03, 2011 @ 1:51:52 AM
A quick bit of online research will show you via various sources that Sony uses Linux and Apache for the web-application server element of the PSN and SOE networks. I won't name the web sites as many of them are frequented by the kind of person that hacks a network for fun, and I see no point in promoting them.
A huge number of successful attacks each year are committed against software with one or more known vulnerabilities. More often than not, the vulnerability has been patched by the developers, but the admin of the system hasn't kept their patching up to date, leaving them open to attack.
2 up, 1 down
Highlander
Tuesday, May 03, 2011 @ 1:51:52 AM
A quick bit of online research will show you via various sources that Sony uses Linux and Apache for the web-application server element of the PSN and SOE networks. I won't name the web sites as many of them are frequented by the kind of person that hacks a network for fun, and I see no point in promoting them.
A huge number of successful attacks each year are committed against software with one or more known vulnerabilities. More often than not, the vulnerability has been patched by the developers, but the admin of the system hasn't kept their patching up to date, leaving them open to attack.
0 up, 1 down
Beamboom
Tuesday, May 03, 2011 @ 3:54:06 AM
Other than that, in all friendlyness and respect, I think you should go a bit easier on Jimmy. It's not fun to get the entire site against you. I've experienced the same, and it got me furious too. It can be utterly unfair at times.
Last edited by Beamboom on 5/3/2011 3:55:13 AM
0 up, 0 down
Phoelix
Tuesday, May 03, 2011 @ 3:55:53 AM
I _do_ think it's somewhat odd that they're making a position for chief of security now instead of from the get-go.
2 up, 0 down
Beamboom
Tuesday, May 03, 2011 @ 4:14:49 AM
There *is* something wrong in this picture, indeed. Just don't say that out too loud around here, or you *will* get slayed. ;)
Last edited by Beamboom on 5/3/2011 4:15:37 AM
0 up, 0 down
Highlander
Tuesday, May 03, 2011 @ 10:09:41 AM
Re: Jimmy, I'm not one to bear a grudge at all. Long term I have no problem with anyone here. I've had very strong differences with Jawknee before, and even though we both know we disagree extremely strongly on some things, we know we agree on so many others, so why worry about the disagreements? Besides, if we cannot argue with our friends, who can we argue with. So long as we're all capable of saying sorry or admitting wrong where we are, it's all good. I('m by no means at all perfect, but I do try to admit my errors and where possible I will point out my error and correct myself long before anyone else. But if I am in the wrong and someone shows me I'm in the wrong, I will always try to put my hand up and accept fault where it exists.
Heck the fact that I can still reply and discuss constructively with Mr Underline/ Anonymous Cowherd/whatever his name is, shows that whatever argument there is today, tomorrow is another day. (Bonus points for anyone that names the movie reference...)
1 up, 0 down
Highlander
Tuesday, May 03, 2011 @ 10:43:53 AM
Your point about Apache patching. How frequently is Apache patched these days? I had a look at their web site, and in their list of patched vulnerabilities for 2.2, it's rather distressing to see 9-12 months elapsing between a vulnerability being identified and it being patched. It suggests to me that You could be running Apache with unpatched vulnerabilities, and yet still be running the most up to date, fully patched version.
I don't follow Apache much, so perhaps you can clarify for me? My impression is that going back and back-porting fixes and patches to older versions isn't exactly their top priority, and in fact it seems that patching vulnerability seems to take rather a long time. I hope I'm wrong and that there is better information than what I could find.
0 up, 0 down
jimmyhandsome
Tuesday, May 03, 2011 @ 2:25:50 PM
As far as that quote I believe its from Gone with the Wind. Never actually saw the movie, the only reason why I know that is because I did a book report on it back in the day.
Last edited by jimmyhandsome on 5/3/2011 2:29:58 PM
0 up, 0 down
Highlander
Tuesday, May 03, 2011 @ 2:43:02 PM
I agree, it's all good, people disagree all the time. As far as I am concerned if people don't disagree about something, they're probably not being honest about things. I mean, we're all human and have differences of opinion and understanding, it's only natural that there will be areas of disagreement. to me, it's more important to be able to disagree, and in fact even disagree passionately with others, while still being able to look and go past that disagreement.
My apologies also, I can be stubborn as well, as I'm sure you noticed.
0 up, 0 down
Dancemachine55
Monday, May 02, 2011 @ 8:55:55 PM
Reply
When Sony first sued GeoHotz over the spreading of the PS3's source code, many other hackers threatened Sony, saying they will attack the network if they don't stop the lawsuit. Sony didn't drop the lawsuit, but Hotz got out of paying large sums or doing time in jail. Apparently, that wasn't good enough for the hackers.
So here we are. Sony stands up for itself after a hacker spreads a program designed to hack the PS3 and it suffers for trying to do the right thing. I really do hope these hackers burn in hell alongside Bin Laden.
All this over Sony removing Other OS. Ridiculous!!
It was either submit to the demands of hackers (also known as cyber-terrorists) and keep Other OS, stop suing Hotz and continue allowing the PS3 to be hacked and pirated easily, OR risk PSN network hacking and fight the hackers head on.
I'm glad to see that (like the President of the USA) Sony does not negotiate with terrorists.
Fortunately, I did not play any SOE games, so I have no info to steal. PSN however...
4 up, 1 down
Dancemachine55
Monday, May 02, 2011 @ 11:36:54 PM
http://venturebeat.com/2011/04/28/geohot-psn-attack/
http://loot-ninja.com/2011/04/26/why-has-no-one-hacked-xbox-live-yet/
and this one provides the best details about what exactly happened behind the attacks, along with what was protected and what wasn't.
http://news.cnet.com/8301-27080_3-20058962-245.html
2 up, 0 down
sha4dowknight05
Monday, May 02, 2011 @ 9:10:23 PM
Reply
Even this occured around same time as PSN, still proves 24.5 million users completely compromised with all info lost while PSN ia maybe.
Things aren't looking good for SONY right now.
1 up, 0 down
Dancemachine55
Monday, May 02, 2011 @ 11:39:43 PM
Do NOT piss off hackers!!!
1 up, 1 down
Naztycuts
Monday, May 02, 2011 @ 9:14:36 PM
Reply
Ouch! So when is someone going to put a bounty on these people's heads? Now that Osama's dead we (the US) can start focusing more on policing the internet!!! /sarcasm
Seriously though if they could make laws that apply to malicious hackers and the like without infringing too much on normal people's rights then I'd be all for it.I don't think safety should come at the cost of our privacy. It makes everyone seem so reliant, yet uneducated about the computer scene, that a huge corporation like Sony can be hacked and damaged this badly, I feel for anyone who got their info stolen.
4 up, 0 down
LittleBigMidget
Monday, May 02, 2011 @ 9:19:13 PM
Reply
1 up, 0 down
FatherSun
Monday, May 02, 2011 @ 9:36:14 PM
Reply
It seems that we are at a time where the internet has become a battleground. Corporate Society versus... well, those who play by their own rules. We are caught in the middle. It is now Law Enforcements move. DHS, FBI, CIA or INTERPOL. Whichever entity has jurisdiction. How they handle this will demonstrate who actually owns the Internet. This will not end with Sony. At this rate 2012 may just be the end of the world as we know it.
Or not.
4 up, 0 down
Lairfan
Monday, May 02, 2011 @ 9:53:05 PM
Reply
3 up, 0 down
BikerSaint
Monday, May 02, 2011 @ 9:57:10 PM
Reply
We got bin laden, and WE WILL get you too!!!!!!
2 up, 1 down
kraygen
Monday, May 02, 2011 @ 10:08:24 PM
Reply
It'd also detour future hacking.
3 up, 3 down
RadioHeader
Tuesday, May 03, 2011 @ 4:22:50 AM
I don't watch much TV but I'd watch that, if it didn't overlap the Footy.
2 up, 0 down
Oyashiro
Monday, May 02, 2011 @ 10:35:48 PM
Reply
1 up, 0 down
Highlander
Monday, May 02, 2011 @ 11:25:42 PM
Reply
0 up, 1 down
Beamboom
Tuesday, May 03, 2011 @ 4:11:32 AM
0 up, 0 down
Highlander
Tuesday, May 03, 2011 @ 10:10:18 AM
0 up, 0 down
CoolBLKguy
Tuesday, May 03, 2011 @ 1:16:40 AM
Reply
Last edited by CoolBLKguy on 5/3/2011 1:16:54 AM
1 up, 0 down
Qubex
Tuesday, May 03, 2011 @ 2:43:39 AM
Reply
In fact PSN went down on the last day of the reported 2 week cooling off period. It seems there are many angry employees are Sony who have recently been let go... and as I stated to Highlander in a post about a week or so ago, PSN may have been compromised, or a back door left open, by its own staff. Disgruntled employee syndrome if you will.
I don't know Ben if you have picked up on this, but a few sites are siting evidence of a big round of redundancies at Sony's online division that could have contributed to the back door being left open.
To be honest, thinking about this; I actually believe this to have credibility simply because of the way human beings react to news like this, especially if you have employees who feel they are being unfairly dismissed. Desperation and vindication can lead to people doing some nasty things, and these network hacks could be part of something far deeper than we know on the surface of what is really going on.
The PSN hack may not have been caused by Rebug or Anonymous after all. It may have been caused by an internal backlash!
We may never know for sure; but with Sony taking so long to come clean with information, there may have been some major issues going down internally that could prove very embarrassing to the corporation if it were ever to be known fully in public.
Already Sony's PR has been obliterated... it will take them a long time to recover...
Q!
"play.experience.enjoy"
2 up, 1 down
Highlander
Tuesday, May 03, 2011 @ 3:02:50 AM
2 up, 1 down
Beamboom
Tuesday, May 03, 2011 @ 4:05:11 AM
The only thing that does not rhyme here is if it was internals being mad at Sony, why would they have stolen the credit card backup? That smells, unfortunately, like professionals. Like I mentioned in another thread, typical russians. They are *maniacs* on this field, they even got educational institutes that has "hacking classes" (it's true...!).
I mean, how many of you has gotten a new cc since 2007? None of mine are that new... And the expire date is usually ten years or so, isn't it? I believe so.
On the servers I monitor there are attacks on my Linux boxes *every single day* trying to exploit known security holes, and trace routing their origins usually lead back to east block/russian computers, usually located at schools.
Last edited by Beamboom on 5/3/2011 4:10:39 AM
1 up, 0 down
Highlander
Tuesday, May 03, 2011 @ 10:28:28 AM
The curious thing about these hacks to me is the data stolen - or accessed. The attackers apparently stole personal data, 90% of which is freely available via public database searches. The password hashes are important, but depending on how well salted they are, they may not be of much use without a well resources rainbow table attack. The attackers didn't get current CC data in either case, and in the case of SOE got a 4 year old backup.
I don't know, there's something odd about that. If someone's going to target a major transactional network, and spend several days on the attack, they're not there to get names, dates of birth and email addresses, they're there for financial information. To me that suggests that either the attack was not designed to steal financial data, but instead destroy confidence in PSN/SOE online security. Either that or Sony's internal network security was better than people are suggesting because even after a sustained attack the worst that can be said is that a table with a few 10's of thousands of credit card details from 2007 might have been stolen.
It's not adding up for me. If a criminal group of hackers goes to this much trouble, are they really only after personal data most of which can be found through legal means?
I really hope that these events are ultimately written up in a book, it will be fascinating to read the details.
2 up, 0 down
faraga
Tuesday, May 03, 2011 @ 3:03:09 AM
Reply
0 up, 0 down
Beamboom
Tuesday, May 03, 2011 @ 4:09:03 AM
2 up, 0 down
___________
Tuesday, May 03, 2011 @ 4:55:24 AM
Reply
sigh.
yet again more proof showing why you cant believe a single thing sony says!
one day 1 + 1 = 2 the next day its 73, the next day its 57 and the next day its 94.
1 up, 5 down
Underdog15
Tuesday, May 03, 2011 @ 7:10:13 AM
They are still separate. You should read some of the comments prior to yours.
2 up, 1 down
___________
Tuesday, May 03, 2011 @ 10:14:10 AM
point is there waving the flag saying nothing to see here folks its all ok, when theres a flaming wreckage!
0 up, 4 down
Highlander
Tuesday, May 03, 2011 @ 10:31:47 AM
1 up, 0 down
Underdog15
Tuesday, May 03, 2011 @ 8:17:37 PM
When you said there safe, I assumed you meant they are separate and therefore safe as if that was your criticism.
See? Grammar isn't just for Prissies! It can be confusing when misused! lol
0 up, 0 down
D1g1tal5torm
Tuesday, May 03, 2011 @ 6:58:35 AM
Reply
They should've checked this more thoroughly before giving the 'all clear'.
I' ve already recieved 2 phone calls from 'my bank' asking to check details.
1 up, 0 down
Ultimate_Balla
Tuesday, May 03, 2011 @ 6:55:24 PM
Reply
0 up, 0 down
Jawknee
Reply
Monday, May 02, 2011 @ 7:19:07 PM