PlayStation.Blog
PS4 - The Last of Us Remastered

An Important Message From Sony’s Chief Information Security Officer

Philip Reitinger's Avatar + Posted by Philip Reitinger on Oct 11, 2011 // SVP & Chief Information Security Officer, Sony Group

We want to let you know that we have detected attempts on Sony Entertainment Network, PlayStation Network and Sony Online Entertainment (“Networks”) services to test a massive set of sign-in IDs and passwords against our network database. These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources. In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks. We have taken steps to mitigate the activity.

Less than one tenth of one percent (0.1%) of our PSN, SEN and SOE audience may have been affected. There were approximately 93,000 accounts globally (PSN/SEN: approximately 60,000 accounts; SOE: approximately 33,000) where the attempts succeeded in verifying those accounts’ valid sign-in IDs and passwords, and we have temporarily locked these accounts. Only a small fraction of these 93,000 accounts showed additional activity prior to being locked. We are currently reviewing those accounts for unauthorized access, and will provide more updates as we have them. Please note, if you have a credit card associated with your account, your credit card number is not at risk. We will work with any users whom we confirm have had unauthorized purchases made to restore amounts in the PSN/SEN or SOE wallet.

As a preventative measure, we are requiring secure password resets for those PSN/SEN accounts that had both a sign-in ID and password match through this attempt. If you are in the small group of PSN/SEN users who may have been affected, you will receive an email from us at the address associated with your account that will prompt you to reset your password.

Similarly, the SOE accounts that were matched have been temporarily turned off. If you are among the small group of affected SOE customers, you will receive an email from us at the address associated with your account that will advise you on next steps in order to validate your account credentials and have your account turned back on.

We want to take this opportunity to remind our consumers about the increasingly common threat of fraudulent activity online, as well as the importance of having a strong password and having a username/password combination that is not associated with other online services or sites. We encourage you to choose unique, hard-to-guess passwords and always look for unusual activity in your account.

//Add Your Own

267 Comments

151

+ Bilsebob on October 12th, 2011 at 9:13 am said:

I will never use a credit card online. I do use PS Network cards and Paypal for other things. Use your heads people.


152

+ Ethereal on October 12th, 2011 at 9:23 am said:

Keeping us to date and locking those accounts that got in is the way to go. Keep up the good work on the security front, it is bound to happen again.


153

+ Deathspear666 on October 12th, 2011 at 9:25 am said:

@Kchow23..I know..i was trolling derp..


154

+ retroknight6 on October 12th, 2011 at 9:36 am said:

Everyone’s panicking but this is a MINOR HACK my gosh! I don’t know if I was hacked yet, but If I was, I’m screwed unless I change my password, because the passwords for all the sites I go to are similar, but not the same(guess I should change that now.)


155

+ PirateHarlock on October 12th, 2011 at 9:43 am said:

It just goes to show Sony is as lazy & half baked as always. They did know about this for a while before telling us about it and going about it in the same failed lazy way they did back in april / may. They knew their security was apalling this is the reason of part 15 in the latest ToS illegally attempting to remove all of our rights to legal action. Just goes to show firing all their network security people in the early part was such a great idea!

The more those of you inside sony take your jobs as a joke the more your competitors laugh at all of us as we get lost in the dust. Very poor showing From not only you Philip but everyone you work with. Sony is one of the few places on earth where such an unbelievably sloppy work ethic is tolerated.


156

+ IPumpMyGun on October 12th, 2011 at 10:39 am said:

PirateHarlock : STFU


157

+ IPumpMyGun on October 12th, 2011 at 10:40 am said:

PirateHarlock: This has nothing to do with Sony, but your own stupidity like many others.


158

+ Cedge410 on October 12th, 2011 at 10:48 am said:

Thanx


159

+ kurisu7885 on October 12th, 2011 at 10:59 am said:

Massive massive MASSIVE improvement over what happened months ago.

Keep this up Sony.


160

+ gtkodo on October 12th, 2011 at 11:11 am said:

We ,the Fans and Users of the PSN we appreciate about your services and we will always be! And also we remind you that there is no *Better* platform than the PS3! Also the PS will always have a bigger step in the technology than the others! Xbox is trying but will never be better! Keep the good work! Nobody leaves ,before he gives the war!


161

+ PremiumPencil on October 12th, 2011 at 11:13 am said:

Oh well hackers are gonna hack. i changed my email and PW just to make sure, thanks for the notice.


162

+ bogdan20041 on October 12th, 2011 at 11:21 am said:

ITS ALL MICROSOFT TRYING TO MAKE PS3 LOOK BAD SO PEOPLE WOULD BUY XBOX>>>


163

+ meFreeman on October 12th, 2011 at 11:23 am said:

This is bad! At least my account didn’t get affected hahahahahahahahaha I don’t even know my own password! xD


164

+ mikedo2007 on October 12th, 2011 at 11:28 am said:

Yeah I heard about this, this hacking attempt shows Sony is taking this seriously and I praise Sony for taking this hacking even if it’s minor for taking this strong action.


165

+ meFreeman on October 12th, 2011 at 11:29 am said:

Anyway, here on my country, the xbox360 looks more accessible and the live marketplace is selling games with price too much lower than PSN, next year ill buy a xbox360 for me, but i wont dispose of my ps3, but i’ll definitely give preference to the live marketplace when buying games online, PSN is selling games up to 3 times more higher in my country than the american psn, a game that’s cost U$29,99 here is around U$88,57 but live.. Well it gives the same price, when it don’t give lower


166

+ QckslvrGrl1 on October 12th, 2011 at 11:30 am said:

So I got an e-mail which I think is connected to an SOE account, probably for some MMO. If I just leave it be will it stay locked and I won’t have to worry about it?


167

+ meFreeman on October 12th, 2011 at 11:31 am said:

PS: when i sayd same price i mean, US live market place selling a game around U$19,90 and here selling the same game at the sime price or lower


168

+ Pendharker on October 12th, 2011 at 11:38 am said:

@Emby25: I appreciate where you’re coming from, but as a web developer myself, I can tell you that this intrusion was a brute force attempt at seeing who they could hack out of sheer luck. Most people on the web use the same username and password combination wherever they can. These “hackers” got the sign-on info from some other site and just wrote a script to try every single combination they had. In short, none of this is Sony’s fault. This is just a scripting attack that any low-level hacker could try and, in the end, they didn’t have enough chops to do any damage once they were inside. So, in the end, this is benign and I agree with those who are giving high fives to Sony for being up front about this. This has nothing to do with Sony quality. This has to do directly with the habits of online users.

@Sony – VERY nice job catching this before it became a major problem and for being up front about it. High five and thank you.


169

+ Taznorris on October 12th, 2011 at 11:41 am said:

Hmm……


170

+ Mayoo91 on October 12th, 2011 at 12:05 pm said:

Go Sony!


171

+ gus_xl on October 12th, 2011 at 12:24 pm said:

Keep fighting the good fight.


172

+ aldaris86 on October 12th, 2011 at 12:30 pm said:

Microsoft fan boys and 4chan trolls/users (anon) are getting desperate! lol


173

+ crawnuts on October 12th, 2011 at 12:32 pm said:

yeah except i am in that 93,000 that got shut down, not happy


174

+ Huydinhx3 on October 12th, 2011 at 12:36 pm said:

how to change password on ps3 or psn account


175

+ crawnuts on October 12th, 2011 at 12:39 pm said:

why havent i got my email yet then? mine is shut off and i cant do crap


176

+ Zoidzerg on October 12th, 2011 at 12:40 pm said:

Oh deary, I am freaking out a little until I get home to verify that my account is fine.

Thanks for the notice and forwardness Sony.


177

+ LEGIlON on October 12th, 2011 at 12:40 pm said:

So I checked my mail and account and nothing seems to be wrong, so am i safe?


178

+ crazy_kracker1 on October 12th, 2011 at 1:02 pm said:

? is how long did they no before they told us?????


179

+ Joyce139 on October 12th, 2011 at 1:06 pm said:

sounds scary, thanks 4 the heads up… does this mean we’re gettin an upd8?


180

+ ICEwarrior974 on October 12th, 2011 at 1:12 pm said:

WOW My account would be one of the ones that got locked up this day keeps getting [DELETED] worse and worse!!!! (I mde this account just so I could say this)


181

+ alex112398 on October 12th, 2011 at 1:15 pm said:

I have been getting 80710092 error code for the past couple of days is this just a random error or is my account locked?


182

+ Elimin8erX on October 12th, 2011 at 1:18 pm said:

Very impressed that you guys are taking the initiative on this. All we ask is to kept in the loop and you are doing a great job of it so far. Thank you.


183

+ jimboiscool1 on October 12th, 2011 at 1:19 pm said:

*Changes password word* Thanks for the heads up Sony!!


184

+ spiderboy59 on October 12th, 2011 at 1:20 pm said:

this is why im an psn member… you guys learn from the past and help make your customers have a good experience with their gaming.


185

+ jimboiscool1 on October 12th, 2011 at 1:20 pm said:

lol i typed word twice lol wow.. anyway im off to change it.


186

+ DaNTi3L on October 12th, 2011 at 1:25 pm said:

thanks for that info


187

+ NoGodsOnlyMan on October 12th, 2011 at 1:34 pm said:

it takes balls to be so honest and upfront in this sensitive issue

Great Job Sony

this attitude tells me “go and pre order Uncharted 3″

yep, that is my way of saying thank you


188

+ jcb_815 on October 12th, 2011 at 1:37 pm said:

I’m glad I wasn’t affected.


189

+ BrianC6234 on October 12th, 2011 at 1:44 pm said:

#155 – You’re a moron. This wasn’t a hack. I could find out your account name and try guessing passwords and it would be the same as this attack. Sony wasn’t hacked. Another site most likely was and they used the list they stole from that site to try to attack PSN accounts.


190

+ mizzou2030 on October 12th, 2011 at 2:06 pm said:

Thank you for letting me know Sony I will check my account


191

+ RatedUncharted on October 12th, 2011 at 2:18 pm said:

Let me wrap up this article and offer some tips

1. Do not use the same ID and password as your other frequently visited website, for example. Facebook.
So if Facebook were to get hacked, your psn account would still be safe.

2. To be even more paranoid, make an alternate psn account to participate discussions on psn’s forums, blogs.
Just to minimize the exposure your primary account, this is not necessary but its possible hackers lurking here and there for targets. I’ve been doing this since the outage.


192

+ xGamingOPTiCZzx on October 12th, 2011 at 2:50 pm said:

thx sony for the heads up hope you guys fix psn. you guys are the best :D


193

+ xGamingOPTiCZzx on October 12th, 2011 at 2:52 pm said:

OPTiC out


194

+ Froggnen on October 12th, 2011 at 3:17 pm said:

All I want to say is All of the cyberspace security systems should make 1 most protective network that God couldnt have built by himself.


195

+ Sayed_Haris on October 12th, 2011 at 3:29 pm said:

PSN for the WIN :)
XBOX 360 SUCK :( PERIOD.


196

+ Heavenly_king on October 12th, 2011 at 3:37 pm said:

If I haven’t received an e-mail, it means my account is ok?? :D


197

+ Crash15 on October 12th, 2011 at 3:42 pm said:

I wasn’t at risk Thank You Playstation I never jumped ship like all the other losers that just want online. I stayed with you all the way and if this ever happens I will indeed stay with all the way. Good Job on notifying us and I appreciate what you are doing keep up the good work. :)


198

+ Chrismon_1001 on October 12th, 2011 at 3:57 pm said:

Is Sony still storing the passwords in plain text how are they still getting passwords in these hacks. They have to be storing in plain text still, encrypt these things seriously.


199

+ Foxyspeedy on October 12th, 2011 at 4:00 pm said:

Good to know!


200

+ mcbuttz78 on October 12th, 2011 at 4:18 pm said:

you know im laughjing here tonight becuase i know very well the xbox fan boys are behind this attack.. becuase let me state a few fact sony is 5k console bhind xbox for #2 we surely will take them by dec month (fact). the xbox forums have been raging against us for the bf3 port and etc.. the cod map we got early really pissed them off #3..(fact) also a few who were arrestd back in may were xbox furom member and faithfuls..

So psn legioniarre fans dont worry to much. If you want to change your password. please do. But dont worry , becuase sony is still arresstting these lil punks.. Some of them got 18 yrs in prison so far among other charges from other companies.. So dont wry to much everyone if they want to play the feds are on ourside to play with them back. We play for keep here in playstation .. we dont rent to own. and yes jail terms is on ourlist of “it does every thing” !! hahahaha!! Try hardr xBOt TROLLs .. !!

mcbuttz78
vp=psn legionairee group


Comments are closed. We close the comments for posts after 30 days

Gamer Masterpiece

Create your own Gamer Masterpiece & share for votes.