Sony cuts off Sony Online Entertainment service after hack
IDG News Service - The widely publicized hack of Sony's computer networks is worse than previously thought, also affecting 24.6 million Sony Online Entertainment network accounts.
Sony -- which has kept its Sony PlayStation Network offline for nearly two weeks as it investigates a computer intrusion -- took a second gaming network offline on Monday, saying it too appears to have been hacked. It said banking and credit card information belonging to more than 23,000 customers outside the U.S. may have been compromised.
The Sony Online Entertainment network, used for massively multiplayer online games like EverQuest, Star Wars Galaxies and Matrix Online, has been suspended temporarily, Sony said Monday. Add this to the 77 million accounts that may have been compromised last week, and Sony is responsible for one of the largest recorded data breaches.
The entertainment network is separate from the PlayStation Network but both hacks have similar traits, said Mai Hora, a spokeswoman for Sony Computer Entertainment in Tokyo.
In both cases, the stolen data includes customer names, e-mail addresses and hashed versions of their account passwords. That data could be used to spam customers or trick them with phishing e-mails.
Last week Sony said PlayStation Network and Qriocity users may have had their credit card numbers accessed, but that those numbers were encrypted. Sony now says some credit card numbers may have been taken from a different database. It did not say if that data was encrypted.
The hackers gained access to an "outdated database from 2007," Sony said in its press release. That database included card numbers and expiration dates for 12,700 customers based outside of the U.S., and direct withdrawal data belonging to some customers in Austria, Germany, the Netherlands and Spain.
Sony has been dealing for weeks with the public relations crisis spawned by the hacks. On Sunday, as the head of Sony's gaming division was apologizing for the hack in a news conference, investigators were learning about the Sony Online Entertainment and credit card database hacks.
Last week, rumors surfaced on underground hacking forums that the thieves had obtained millions of credit card numbers, but Sony maintains that this is untrue. "There is no evidence that our main credit card database was compromised. It is in a completely separate and secured environment," Sony said Monday.
(Martyn Williams in Tokyo contributed to this story.)
- Snowden advocates at SXSW for improved data security
- Joomla receives patches for zero-day SQL injection vulnerability, other flaws
- NSA used 'European bazaar' to spy on EU citizens
- Target CIO resigns following breach
- Evan Schuman: Mobile IT Roach Motel: Data checks in, but it won't check out
- Sears finds no evidence of data breach -- yet
- Gameover malware is tougher to kill with new rootkit component
- Mobile app for RSA Conference exposes personal data
- UK man charged with hacking Federal Reserve
- Bloomberg clamps down with data-access policies after scandal
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts