SOE Station OfflineSony Corp. took further steps to contain a serious data breach: temporarily shuttering the Website of Sony Online Entertainment and station.com, another of the technology company’s online gaming networks, even as it signaled the slow return of its PlayStation Network to operation.

In a statement on its Web site, Sony said it had taken the Station.com and Sony Online Entertainment sites offline temporarily. The company cited the discovery of “an issue that warrants enough concern for us to take the service down effective immediately.” The issue was discovered as part of an investigation into the intrusion that compromised the company’s PlayStation Network, the company acknowledged.

Sony did not respond to an e-mail request for comment from Threatpost.

The news came just days after Sony announced that it would begin a “phased restoration” of PlayStation Network and Qriocity, an online media streaming service. Both have been offline since April 20, shortly after the company first discovered what it has termed an “external intrusion” on PlayStation Network and Qriocity.

Sony will begin restoring gaming, music and video services and roll out new security features to protect accounts and incentives to draw burned customers back to the online gaming network, according to a blog post by Patrick Seybold, Sony’s Senior Director of Corporate Communications and Social Media in a blog post on April 30.
Sony Online Entertainment is the game development and publishing division of Sony Corp. Station.com is the firm’s gaming portal for PC, console and mobile games, including the EverQuest games, Star Wars Galaxies and The Matrix Online.

Station.com members were initially told that the PlayStation Network breach did not extend to SOE and Station.com. The company issued a statement to user forums on April 26 saying that its examination of the SOE intrusion showed that “no customer personal information got out to any unauthorized person or persons.” As of Monday, those support forums were offline for “maintenance.”

In another blow, Sony was also forced to clarify that password information for PlayStation Network users was encrypted when it was stored. In a blog post on Monday, Seybold acknowledged that the password information was  “hashed” - scrambled using a preset value – rather than truly encrypted. That would make the job of cracking the jumbled password information easier for thieves to unscramble and use. “There is a difference between these two types of security measures which is why we said the passwords had not been encrypted. But I want to be very clear that the passwords were not stored in our database in cleartext form,” Seybold wrote.

The company discounted printed reports that it had been approached by the thieves and asked to buy back the stolen credit card information. “To my knowledge there is not truth to this report of a list, or that SOny was offered an opportunity to purchase the list,” he wrote.

Sony, whose stock was already struggling to recover from the impact of the March 11 earthquake and tsunami, has had its image further battered by the breach. The company has promised incentives to users to return to PlayStation network and new security features, including configuration management, data protection and intrusion detection features to protect accounts. The company said on Monday that it continues to work with law enforcement and forensic experts to identify those behind the attack.

Categories: Cryptography, Data Breaches, SMB Security, Social Engineering, Web Security