Sony Subsidiary ISP Compromised, Virtual Tokens Stolen

Sony’s subsidiary Internet service provider, So-net, was broken into on Friday by an intruder who allegedly made off with some $1200 in virtual tokens, according to a NetworkWorld report.

Sony’s subsidiary Internet service provider, So-net, was broken into on Friday by an intruder who allegedly made off with some $1200 in virtual tokens, according to a NetworkWorld report.

The report claims that the intrusion originated from a single IP address between May 16 and 17, where an attacker used known user names and an automated program to generate possible passwords. So-net told the Wall Street Journal that it took some 10,000 attempts before the intruder managed to gain access to the network.

According to the NetworkWorld report, So-net is an ISP that allows users to accumulate virtual reward points that can then be redeemed for Sony merchandise and services. The hacker redeemed points belonging to 130 customers, and further compromised the accounts of another 73 users but did not redeem their points. The company also believes that about 90 email accounts were compromised as well.

How an intruder managed 10,000 entry attempts without being flagged is unclear according to NetworkWorld.

A So-net spokes person told the Wall Street Journal that they have no reason to believe that this latest breach is in any way related to the mid-April hack that brought down the PlayStation Network for nearly a month.

This incident is the latest in string of security failures and public relations embarrassments for Sony, beginning with denial of service attacks by the group Anonymous and a subsequent hack of both PSN and Qriocity, Sony’s media streaming network. The company’s woes multiplied during the long overdue network restoration process when Sony had to shut the network down again in response to a glitch in their password reset page. In fact, this second outage may have vindicated concerns on the part of Japanese regulatory officials who did not immediately allow the PSN restoration efforts to go forth in their home country.

Suggested articles

Discussion

  • Anonymous on

    This information is being uploaded to a central server every 20 minutes. SW.Quieting specifically is forwarding all messages  officials and industry leaders.mostly in China and the U.S., but Cheap Air Max also in Hong Kong and Singapore as well. The  Air Max 2011 victims include the gaming sites and online stores Air Max Tailwind common targets of DDOS attacks, which are used to knock the sites offline and extract protection payments from site operators.Air Max 24-7 But JKDDOS is also targeting large investment firms,

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.