Sony: New PSN Attack Affects "1/10th Of 1% Of Customers"
See Full ImageYes, it's another day in the wonderful world of cyberattacks and digital fraud.
It seems Sony has been targeted again, as Chief Information Security Officer Philip Reitinger has confirmed unauthorized activity on the Sony Entertainment Network, PlayStation Network, and Sony Online Entertainment ("Networks") services.
These were attempts on the networks to "test a massive set of sign-in IDs and passwords" against Sony's database; the attempts include "a large amount of data obtained from one or more compromised lists from other companies, sites or other sources." And as the data tested consisted of sign-in ID-password pairs and that most resulted in failed matching attempts, Sony had to recognize the threat.
Reitinger adds that less than one tenth of one percent (0.1%) of PSN, SEN, And SOE customers have been affected by this. Around 93,000 total worldwide accounts have been locked temporarily after the attempts managed to verify valid sign-in IDs and passwords, and "only a small fraction" of those accounts showed any additional activity. Sony is currently checking those accounts for unauthorized access. Also, one final, very important note from Reitinger:
"If you have a credit card associated with your account, your credit card number is not at risk."
For prevention purposes, Sony will ask for secure password resets for the PSN/SEN accounts that had both a sign-in ID and password match via this attempt. If you're one of the few who have been affected, you'll receive an e-mail from Sony at the address connected with your account, and you'll be asked to reset your password. Lastly, the SOE accounts that were matched have been "temporarily turned off."
Like I said before, I kinda miss the good ol' days of Super Nintendos and you know, privacy.
Tags: sony, soe, sonly online entertainment, psn, playstation network
10/12/2011 9:52:15 AM Ben Dutka
Put this on your webpage or blog:
Email this to a friend
Follow PSX Extreme on Twitter
Comments (33 posts)
Sakaxxxx
Wednesday, October 12, 2011 @ 10:15:20 AM
Reply
4 up, 0 down
Underdog15
Wednesday, October 12, 2011 @ 11:11:07 AM
Why people are sharing their PSN sign in info with other parties unrelated to PSN is also strange. It's not even like the Sony servers were at risk... people just share their passwords with too many people. -AND- it's less than a tenth of a percent of all users.
Anyone who blames Sony is a moron. Blame the people sharing their info. It's as silly as sharing your credit card info with a 3rd party so they can check your balance for you. (Without the monetary side of things, of course)
6 up, 1 down
Clamedeus
Wednesday, October 12, 2011 @ 11:18:57 AM
I see that a lot of YouTube, people who want to game share with others than the person who gave the information never gets his account back. I mean like, seriously, you are trusting a complete stranger. Then they blame sony.. Morons..
5 up, 0 down
D1g1tal5torm
Wednesday, October 12, 2011 @ 11:27:26 AM
Most users I guess will have changed, xcpt those with old multi/redundant accounts.
1 up, 0 down
Underdog15
Wednesday, October 12, 2011 @ 11:36:17 AM
There are some sites that take and store PSN data. For example, there are some gamertag or trophy card websites that require the email you used for PSN and the PSN password in order to generate your trophy card. There are also unlicensed iphone apps that also store your info to check on friends, etc.
It's more than possible you could hack one of those websites and steal sign in data that way.
Not that you are wrong (you might be right), but there are other possibilities as well.
Last edited by Underdog15 on 10/12/2011 11:36:34 AM
0 up, 0 down
Jdogtoocool
Wednesday, October 12, 2011 @ 11:42:08 AM
0 up, 8 down
Underdog15
Wednesday, October 12, 2011 @ 1:04:01 PM
...
Last edited by Underdog15 on 10/12/2011 1:04:33 PM
1 up, 0 down
Underdog15
Wednesday, October 12, 2011 @ 5:46:47 PM
...
I don't know what's going on anymore.
Last edited by Underdog15 on 10/12/2011 5:47:42 PM
3 up, 1 down
Looking Glass
Wednesday, October 12, 2011 @ 11:22:27 AM
Reply
Agreed. This time Sony is actually not at fault in any way, shape, or form. The hackers simply stole information from some other source and tried to use it with the PSN. And this time Sony did everything right with it's handling of the situation. As far as security is concerned Sony has really stepped up it's game and anyone who tries to hold this against Sony is biased, a moron, or both.
5 up, 0 down
Highlander
Wednesday, October 12, 2011 @ 11:26:36 AM
Reply
<<"These were attempts on the networks to "test a massive set of sign-in IDs and passwords" against Sony's database; the attempts include "a large amount of data obtained from one or more compromised lists from other companies, sites or other sources.">>
So, someone used data acquired from other sources to attempt to hack individual accounts - not PSN. Doesn't sound like a PSN hack or an attack on PSN, it sounds like a targeted mass attack on individual consumers.
It's interesting how you might do this, because it doesn't even require people to have carelessly shared their PSN credentials with someone. Let's say that our bad guys scraped PSNIDs, names and email addresses from various gaming forums. Even on our own one here PSN IDs are literally there for all to see. Next, our bad guys might purchase or acquire email addresses and other personal data acquired from other sites. Then the bad guys could cross reference all the data. The result could be a fair number of complete sets of name, PSNID, email address and some personal data that might derive a password. They might even have passwords taken from weaker systems.
We already know that all PSN passwords were reset after the attack on PSN itself. So any passwords used have to come from hacks of other systems or other methods - including phishing schemes.
So really this is not so much an attack on PSN as it is an attack on numerous PSN users specific PSN accounts, the same kind of attack that has been happening to users since the first online services where created. PSN and XBL are simply very high profile services that are easily targeted.
Well, At least Sony a) proactively detected it, b)in the vast majority of cases appears to have prevented harm by locking accounts, and finally c) notified everyone concerned of suspicious activity with their account.
Still, I wonder how the 'tech-ingoretia' at the usual game new outlets will handle this...
5 up, 3 down
Beamboom
Wednesday, October 12, 2011 @ 11:35:31 AM
Last edited by Beamboom on 10/12/2011 11:36:54 AM
1 up, 0 down
Darwin1967
Wednesday, October 12, 2011 @ 1:00:00 PM
Reply
0 up, 0 down
Highlander
Wednesday, October 12, 2011 @ 2:54:15 PM
1 up, 0 down
maxpontiac
Wednesday, October 12, 2011 @ 1:12:55 PM
Reply
1 - Microsoft.
2 - Microsoft financed.
3 - Hackers who are Anti-Sony.
4 - Chicom (Chinese Communists)
4 up, 4 down
Beamboom
Wednesday, October 12, 2011 @ 2:22:40 PM
Any organization, non-profit or commercial, that has a server connected to the internet has to be prepared for these kinds of attempts. It happens all the time.
So, call or raise? ;)
Last edited by Beamboom on 10/12/2011 2:30:07 PM
0 up, 0 down
maxpontiac
Wednesday, October 12, 2011 @ 4:42:46 PM
:)
0 up, 0 down
Beamboom
Thursday, October 13, 2011 @ 3:00:36 AM
And I call your raise on that it was not anti-Sony. They have just proven to be a rather weak target earlier, therefore stupid kids with no tact or creativity tried their luck. This is just pure dumb. Much like the poor souls who keep feeding the slot machines.
Dealer, do your thing. :)
Last edited by Beamboom on 10/13/2011 3:04:37 AM
0 up, 0 down
johnld
Wednesday, October 12, 2011 @ 1:15:53 PM
Reply
on a side note, i got that correct hard disk not found error so i had to reformat ps3. i have all my gamesaves but the painful part is redownloading and reinstalling all the dlcs i had, using a 3mbps connection. then i have to update and reinstall all the games i've been playing. i guess im not playing games for a bit. at least its just in time for batman.
Last edited by johnld on 10/12/2011 1:17:51 PM
0 up, 0 down
Alienange
Wednesday, October 12, 2011 @ 2:15:47 PM
Reply
0 up, 0 down
Gamer Girl Gemo
Wednesday, October 12, 2011 @ 4:01:19 PM
Reply
Let the Xbots and haters alike keep finding their reasons to put down Sony every chance they get. It makes absolutely no difference to my loyalty to such an awesome company.
Last edited by Gamer Girl Gemo on 10/12/2011 4:01:58 PM
3 up, 0 down
Wraith
Wednesday, October 12, 2011 @ 4:32:41 PM
Reply
Last edited by Wraith on 10/12/2011 4:33:03 PM
0 up, 4 down
Looking Glass
Wednesday, October 12, 2011 @ 5:37:23 PM
And this incident was not Sony's fault in any way. The stolen info came from another source and Sony did everything right in it's response to this. They immediately detected the malicious activity, they immediately went public with the news, and they immediately implemented all necessary countermeasures. It's certainly not Sony's fault that the cyber criminals are being their usual a**hole selves.
2 up, 0 down
bigrailer19
Wednesday, October 12, 2011 @ 6:37:06 PM
Last edited by bigrailer19 on 10/12/2011 6:38:53 PM
3 up, 0 down
bigrailer19
Wednesday, October 12, 2011 @ 11:36:17 PM
2 up, 0 down
ThingsOnFire
Wednesday, October 12, 2011 @ 7:02:15 PM
Reply
3 up, 1 down
BikerSaint
Thursday, October 13, 2011 @ 5:10:22 PM
Reply
Whether script kiddies or hackers, all of these effing scumbags need to become gender-changed within 10 minutes of those prison cell barred doors slamming behind their virgin a$$es!
0 up, 0 down
Condemnedsoul23
Reply
Wednesday, October 12, 2011 @ 10:15:05 AM