Sony issued a statement on Wednesday saying that the company had locked down a number of user accounts after it had detected a large number of unauthorized sign-in attempts on its PlayStation Network (PSN), Sony Entertainment Network (SEN) and Sony Online Entertainment (SOE) services.
Sony chief information security officer Philip Reitinger wrote in the statement: “There were approximately 93,000 accounts (PSN/SEN: approximately 60,000 accounts; SOE: approximately 33,000) where the attempts succeeded in verifying those accounts’ valid sign-in IDs and passwords, and we have temporarily locked these accounts. Only a small fraction of these 93,000 accounts showed additional activity prior to being locked. We are currently reviewing those accounts for unauthorized access, and will provide more updates as we have them.”
Sony also said it would be sending email notifications to the affected account holders informing them of the need to reset passwords or giving instructions on how to validate their accounts.
The Japanese electronics giant insisted that credit card information linked to the affected accounts is not at risk as a result of the intrusion. The attack happened over the weekend and, Sony said, affects less than 0.1 percent of PSN, SEN, and SOE users.
According to Reitinger, the Tokyo-based company detected an attempt to test a large set of sign-in IDs and passwords against its network database. The chief information security officer said that that the list of sign-in IDs and passwords appears to have come from “other companies, sites or other sources.”
“In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our networks,” Reitinger said.
Sony has only recently got back on its feet following one of the biggest security breaches in history back in April when hackers stole personal data belonging to more than 100 million of its customers. Its PlayStation Network and Qriocity services were taken offline for more than a month while the company bolstered security.
Unlike in April, however, this latest security scare didn’t involve a direct attack on Sony’s servers or databases – no doubt much to the relief of company executives.
- Facebook dismantles fake accounts that had thousands interested in a rally
- Attacker stole user data from Reddit through employee accounts
- Hacked Chrome extension disguised as legitimate version steals logins
- Ford recalls 2 million of its popular F-150 trucks due to fire risk
- Hack affects 2 million T-Mobile customers, unclear if passwords included