Sony Detects Suspicious Behavior, Locks 93,000 Online Accounts

Sony locked the accounts of some 93,000 individuals on the Playstation Network (PSN), the Sony Entertainment Network (SEN), and Sony Online Entertainment (SOE) services following a mass log-in attempt using username-password combinations obtained from an unnamed source.

Sony Sony locked the accounts of some 93,000 individuals on the Playstation Network (PSN), the Sony Entertainment Network (SEN), and Sony Online Entertainment (SOE) services following a mass log-in attempt using username-password combinations obtained from an unnamed source.

The attack affected less than one tenth of a percent of PSN, SEN, and SOE user bases combined, and the majority of log-in attempts failed. However, the 93,000 accounts that Sony ended up locking out were compromised, the company said. According to a statement put out by Sony’s CISO, Philip Reitinger, only a small fraction of the 93,000 compromised accounts showed activity before being locked.

Reitinger’s statement claims that the username-password data-set tested against the networks must have come from some outside site, source, or company, as the vast majority of these attempts failed. Presumably, those attempts that did succeed occurred in cases where users recycled their username-password combos with some other compromised source.

The company plans on contacting the affected gamers via email and encouraging them to perform a password reset, and is assuring users that no credit card data has been compromised.

Less than six months ago, the PSN network was thoroughly compromised by hackers in what turned out to be one of the larger and widely publicized data breaches ever, eventually affecting some 100 million people and leading to nearly a month of network downtime. Sony’s woes didn’t end there either. The company was shamed in its home country of Japan, where government officials postponed a PSN reboot until they were convinced that Sony had resolved their security deficiencies. The network was then beset with password reset issues when they were in the process of rebooting the PSN. This latest breach comes just months after Sony Chief Executive, Howard Stringer, pronounced that the PlayStation Network was more secure than ever at the consumer electronics conference in Berlin.

The full extent and impact as well as more details on exactly what was compromised in the breach should become clearer in the following days as more details of the attack are likely to emerge.

Suggested articles

Discussion

  • Anonymous on

    Humiliating? I'm no fan of Sony but it sounds like they did this exactly right and the username/password combos were from some other site.

  • Anonymous on

    Sounds like some kind of a dictionary attack.

  • Anonymous on

    What was the reason for deleting the comment?

  • Dean on

    I think these people should be put in jail , you'd think with the electronic age, they can be traced back and arrested, but I don't know anything about this kind of tracking, too bad each device does not leave fingerprints in order to trace back in order to catch these terrable attackers. We need stricter rules so we can all enjoy our PS Devices without this constent threat of hackers.

     

     

  • Anonymous on

    Some were successful and they are saying it because some other site that was compromised had the same credentials.  What are the odds that they used username / password combos from some other site and those same people also have a PSN account.  More likely this is a password list from the breach and some users either didn't change their password or used the same password as before.

  • Anonymous on

    Actually, I'd say the chances are fair. A lot of people use the same username and password for everything, no matter the risks, because it's easy. Also, depending on what kind of site those passwords came from, it may be a better that average chance that they'd also have a PSN account.

  • doesn't matter on

    Where is the integrity of being anti-establishment and calling yourself anonymous yet you correspond with NSA masters of intell as if your duty is to help them discover a truly anonymous anti-establishment ghost. Anonymous is synonomous with K.G.B. and communist.

     

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.