A reported breach of a Sony folder containing the serial ID numbers for every PlayStation 3 console appears to have led to users being inexplicably banned from the platform. This is just the latest in a shocking spike in attacks on unsuspecting gamers.
Sony reportedly left a folder with every PS3 console ID online unsecured, and it was discovered and reported by a Spanish YouTuber with the handle “The WizWiki” in mid-April. Sony is depicted in his reveal video as the hind end of a rhinoceros defecating, for a general idea of the reaction posted on April 18 for non-Spanish speakers.
Now, several weeks later, players on PlayStation Network message boards are complaining that they can’t sign on and are receiving the error message 8071006. After enabling two-factor authentication (2FA), one player was able to sign back in without issue, according to posts on the PS3 subreddit, which includes a link to instructions on how to opt into 2FA on the PS3.
It appears threat actors have started using the stolen PS3 console IDs for malicious purposes, causing the legitimate players to get banned.
Another player on the PSNProfies forum put the stolen PS3 IDs and the ban together back on June 18.
“This has just happened to me now, tried to sign in and it says the console has being banned or temporarily suspended,” the user wrote. “My account is fine, I can log in on my other PS3, but my main PS3 has got a ban. I signed in fine about 2 hours ago and all I did was use Netflix.”
The player added that Sony should be doing more to explain the issue and stop it.
‘If It’s Not a Console ID Leak, What the Hell is Going On?’
“This is very worrying, if it’s true that console IDs have been leaked then over the next few months, I think we will see a huge increase in this happening, I can’t think of what Sony could do to stop this issue?” the person wrote. “If it’s not a console ID leak then what the hell is going on?”
Sony has not responded to Threatpost’s request for comment or confirmed a connection between the PS3 ID breach and player reports of being locked out of the platform.
“While it has not yet been confirmed that a data leak of PS3 IDs is correlated with the user bans on the PS3 network, this underscores the importance for all businesses to ensure enterprise-wide visibility of this type of sensitive data, to enable the facilitation of more robust real time security controls,” Kate Kuehn, researcher with vArmour, told Threatpost.
She added that this an example of a company’s lack of appropriate security protections and real-time visibility into their sensitive data.
“There are many concerns around these console IDs being leaked, not the least the impact of potentially minor or underage user credentials being now out on the Dark Web,” Kuehn added. “The main concern is once again, due to lack of proper application relationship management, mainstream personal data has again been potentially stolen with malicious intent.”
Cyberattacks on Gaming Industry Spike Dramatically
Sony is hardly the only gaming company leaking data like a sieve. A report from January found a half a million credentials stolen from the Top 25 gaming companies on caches of breached data for sale in criminal marketplaces. In June, the “Battle of the Galaxy” mobile game leaked 6 million gamer profiles, and attackers are working out how to use gaming platforms like Steam to host or deliver malware.
And, coincidentally, Akamai released a report just this week showing that bored gamers stuck at home during the pandemic pushed the rate of cyberattacks on the gaming industry up 340 percent in 2020.
There’s no cheat code required to get the idea that its past time for gaming to take cybersecurity more seriously.
“As we have seen in recent weeks through attacks like this and the initiatives the government is enacting in response, implementing robust zero-trust architecture is key to mitigate the risks associated with critical data exploitations by bad actors, as we see potentially again playing out in this latest Sony PS3 case,” Kuehn said.
Join Threatpost for “Tips and Tactics for Better Threat Hunting” — a LIVE event on Wed., June 30 at 2:00 PM ET in partnership with Palo Alto Networks. Learn from Palo Alto’s Unit 42 experts the best way to hunt down threats and how to use automation to help. Register HERE for free!