More trouble for Sony, data of additional 24.6m users at risk

First came the reports of the data theft of up to 77 million accounts held by the Sony PlayStation Network. And now, late on Monday, another 24.6 million accounts can be added to that figure. Executives at Sony must be desperately hoping they’ve now turned the corner and will not be confronted with more bad news in the coming days and weeks. With such a colossal number of accounts having already been hacked, we’re wondering if there are actually any more Sony accounts left for hackers to get hold of.

The latest data theft is connected not with the PlayStation Network hack which occurred last month, but with accounts registered with Sony Online Entertainment (SOE), based in San Diego.

An inkling that something was afoot came late Sunday night when the Japanese electronics giant suspended its SOE online gaming service, saying that it had “discovered an issue that warrants enough concern for us to take the service down effective immediately.” Ominous words, indeed.

Later, in a press release issued in Tokyo on May 3 local time, the corporation said that “hackers may have stolen SOE customer information on April 16th and 17th, 2011.” The statement continues: “…personal information from approximately 24.6 million SOE accounts may have been stolen, as well as certain information from an outdated database from 2007. The information from the outdated database that may have been stolen includes approximately 12,700 non-U.S. credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, Netherlands and Spain.”

According to the press release, information contained in the 24.6 million accounts includes: “name, address, email address, birthdate, gender, phone number, login name and hashed password.” Information contained in the direct debit records includes: “bank account number, customer name, account name and customer address.”

The press release also says that SOE will be granting customers “30 days of additional time on their subscriptions, in addition to compensating them one day for each day the system is down. It is also in the process of outlining a “make good” plan for its PlayStation®3 MMOs (DC Universe Online and Free Realms).” Further information about this will be issued some time this week, but we wonder if this, as well as the recently rolled out “Welcome Back” program, will be enough to retain Sony gamers who are no doubt feeling rather roughed up by recent events.

SOE added that it will be sending emails to consumers whose data may have been stolen but also reiterated that such emails from Sony would never ask for credit card details, social security numbers or other personally identifiable information.

Get our Top Stories delivered to your inbox: