Sony halts 93,000 online accounts in new breach
Sony said on Wednesday it suspended 93,000 accounts on its online entertainment networks after detecting a wave of unauthorised sign-in attempts, months after a huge breach forced it to halt some services.
The attack took place between October 7 and 10 and succeeded in matching valid sign-in IDs and passwords from about 93,000 accounts on its PlayStation Network, Sony Entertainment Network and Sony Online Entertainment services.
Sony said credit card details associated with those accounts were not compromised as a result of the hacking incident.
The entertainment giant has temporarily locked the accounts and said it is continuing investigations into the extent of the access attempts.
It said it would notify affected account holders to advise them to reset their passwords.
A Sony spokesman said that as it moved to shut down the accounts after detecting the hacking bid, “a small fraction” of the 93,000 accounts were accessed and information such as names, birthdays and gaming achievements could have been seen.
However, spokesman Sean Yoneda said the latest setback was not on the same scale as a data breach in April that compromised more than 100 million accounts and forced it to temporarily halt its PlayStation Network and Qriocity services.
At the time, Sony said it could not rule out that some users’ credit card information could have been compromised.
“This time nothing was taken or potentially taken from our data servers,” Yoneda said.
The latest attack saw large sets of usernames and passwords launched at Sony’s online services, with 93,000 matches confirmed.
The information had been obtained through other companies, websites or through phishing practices, Yoneda said. “We know for a fact that (the information) is not from our data servers,” he said.
In a statement, Sony said that “less than one tenth of one percent” of consumers across the three networks may have been affected.
The entertainment giant has been battling to restore consumer trust after April’s security problems, when it faced criticism for not disclosing the intrusion into its PlayStation Network until a week after discovering it.
Sony later suffered attacks on websites including in Greece, Thailand and Indonesia.
In a separate incident, a group of hackers known as Lulz Security in June said they had compromised more than one million passwords, email addresses and other information from SonyPictures.com.
The maker of PlayStation games consoles fully restored its related network and Qriocity services globally by July after pledging to boost the overall security infrastructure.
The PlayStation Network was launched in 2006, allowing gamers to compete online, stream movies and access other services via the Internet.
Analysts say such attacks threaten to further damage Sony’s brand image and undermine its efforts to link its gadgets to an online “cloud-based” network of games, movies and music that relies on consumer confidence in their security.
This year’s attacks have hit Sony as it looks to recover from the impact on production of Japan’s March 11 earthquake, with it incurring additional costs for security upgrades and compensating consumers.
However Sony shares were higher in Tokyo trade Wednesday, rising 1.40 percent.