SOE Confirms Security Breach, Non-US Card Data Stolen
Earlier today, Sony was forced to bring down the Sony Online Entertainment services and unfortunately, they had good reason to do so.
It has been confirmed that SOE suffered a similar security breach to the one that hit the PlayStation Network last week: around 24.6 million accounts, including 12,700 non-U.S. credit or debit card numbers and expiration dates, have been stolen. The theft occurred between April 16 and 17 and Sony's statement is as follows:
"This information, which was discovered by engineers and security consultants reviewing SOE systems, showed that personal information from approximately 24.6 million SOE accounts may have been stolen, as well as certain information from an outdated database from 2007. The information from the outdated database that may have been stolen includes approximately 12,700 non-U.S. credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, Netherlands, and Spain."
So the good news is that the information comes from 2007 and secondly, there's no evidence of stolen American credit or debit card numbers. However, hackers obtained plenty of info from those 24.6 million compromised accounts, such as names, addresses, e-mail addresses, birth dates, genders, phone numbers, login names, and passwords. SOE did mention that the password data is stored in hashed form and not plain text.
SOE has said they will add 30 days of free game use to current customers, and they will also offer a one-for-one match of free game time for each day that servers are offline. Hopefully, they won't be down for as long as the PSN...that would be bad.
5/2/2011 7:07:24 PM Ben Dutka