PlayStation.Blog

An Important Message From Sony’s Chief Information Security Officer

267 0
An Important Message From Sony’s Chief Information Security Officer

We want to let you know that we have detected attempts on Sony Entertainment Network, PlayStation Network and Sony Online Entertainment (“Networks”) services to test a massive set of sign-in IDs and passwords against our network database. These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources. In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks. We have taken steps to mitigate the activity.

Less than one tenth of one percent (0.1%) of our PSN, SEN and SOE audience may have been affected. There were approximately 93,000 accounts globally (PSN/SEN: approximately 60,000 accounts; SOE: approximately 33,000) where the attempts succeeded in verifying those accounts’ valid sign-in IDs and passwords, and we have temporarily locked these accounts. Only a small fraction of these 93,000 accounts showed additional activity prior to being locked. We are currently reviewing those accounts for unauthorized access, and will provide more updates as we have them. Please note, if you have a credit card associated with your account, your credit card number is not at risk. We will work with any users whom we confirm have had unauthorized purchases made to restore amounts in the PSN/SEN or SOE wallet.

As a preventative measure, we are requiring secure password resets for those PSN/SEN accounts that had both a sign-in ID and password match through this attempt. If you are in the small group of PSN/SEN users who may have been affected, you will receive an email from us at the address associated with your account that will prompt you to reset your password.

Similarly, the SOE accounts that were matched have been temporarily turned off. If you are among the small group of affected SOE customers, you will receive an email from us at the address associated with your account that will advise you on next steps in order to validate your account credentials and have your account turned back on.

We want to take this opportunity to remind our consumers about the increasingly common threat of fraudulent activity online, as well as the importance of having a strong password and having a username/password combination that is not associated with other online services or sites. We encourage you to choose unique, hard-to-guess passwords and always look for unusual activity in your account.

Comments are closed.

267 Comments

  • Jeeves_Tremor

    Well then, the more you know.

    And Knowing is half the battle!

  • KazeEternal

    Thank you for the update. Please keep up the good work.

  • Thanks for letting everyone know so soon. It’s better to be aware.

  • Thanks for the update, much appreciated :)

  • That’s why I use PSN cards, but still quick response and all that is much appreciated big time.

    Keep up the Great work all!!

  • This is good that your letting us know this before everyone goes in another rage.

  • loganwolf13

    good job sony thats how u do it

  • Bxbombers007

    This needs to stop

  • Thanks very much for letting us know.

  • Thank you so much for the info

  • its great that you guys are letting us know soon but this hack thing needs to stop

  • 1 step ahead is always awesome. Thank you for the heads up!!

  • #11 that’s like saying violence needs to stop, sounds good on paper never will happen

  • Oh snaaaaapppp. Attempts at using log-ins acquired from other websites?! I hope everyone uses an alternate password!

  • keep people posted

  • Awesome catch. I’m glad to see you guys really stepped up your response time and over all security. :)

  • I appreciate Phil’s seemingly quick response to the situation, but I feel like they are sugar coating and trying to make 93,000 accounts being compromised seem fine and acceptable. Yes they may have gotten the PW’s and usernames from another source, but think about it for a second… where did that website get the usernames and passwords. Sony I love your gaming consoles, and games but I must admit if you keep dropping the ball with all these silly little IT mishaps you WILL start losing customers. Sorry for the tough love!

    Emby25 (Matt)

  • Thanks for the heads up. You guys are up-front about issues like this, which is why I trust you.

  • Thanks for letting us know what’s going on. But hacked again?

  • Thanks for the heads up Sony. Well done. Bravo!

  • Nice. On the ball.

  • Dwayne_AKA_OE

    Thank You for the Heads up

  • Thank you for your time and effort of alerting us users.

  • OmegaJirachi

    Sony, will you please not only locate the hackers, but KILL them too? Or at least put them in prison for life.

  • They say only a small percent 0.1 but that is still 93,000 people. That is a lot of people. Can’t downplay that. Sure it is small compared to 74 million accounts.

  • Wow, looks like I got hacked. Great, going to be a lot of fun getting my account back. Oh well, I just hope it gets fixed.

  • OmegaJirachi

    Anyway, thank you thank you THANK YOU for informing us. I just changed my password, instead of making it words, it’s a scramble of letters and numbers that would take me forever to memorize, character by character. Luckily I wrote it on a physical piece of paper. Take THAT, hackers!

  • Cover yourselves, everyone, and use PSN cards… you can order them on Amazon, and they can e-mail you the activation code; it’s a win-win. Oh yeah; thanks for the speedy alert, Sony. :)

  • Great job Sony

  • FredPunella

    Way to go Sony!

    Sony/Gamers: 1
    Script Kiddies: 0

  • Thanks for the update. Please take care of it. Should also inform FBI about this.

  • Wow, that was… quick!

  • Sure am glad I opted out of the new EULA now. I figured something would happen again

  • darthmilo77

    How did any of them work if there were mandatory password changes in May?

  • JH-FallenReaper

    so does this mean another lockdown in the future or just a warning not that i have anything valuable in my account!!

  • @34, not everyone used PSN since the mandatory password change (meaning they never changed their password).

    Furthermore, some people may have changed their PSN password to match a password they use on another website.

    These two things are likely where the majority of “successful attempts” came from.

  • P.S. This happens on Steam all the time. Hackers steal email/passwords from forums/websites with TERRIBLE security and try the passwords all at once on Steam.

  • Come on Philip Reitinger…You and your team got to be no this 24/7, so Sony’s security won’t be breached again….

  • Thank You Sony. Keep it Up. Good to know whats goin and that yall are right on the situation.

  • Edit: On

  • jimmyfoxhound

    wow.. PSN gonna be shut down again.. this sucks..

  • Thanks for the quick update this time and not waiting over a week to inform us.

  • WOW, glad to hear they are on top of things…

  • I don’t think a shut down of PSN will be necessary this time.

  • Great. My account has been locked and am unable to access PSN and play online. Come on guys, this is getting old.

  • Spurs2109: Would you rather hackers take control of your account? Safety measures are in place for a reason as opposed to last time and Sony not being on the ball quick enough.

  • Spurs2109: If you’re one of those people Sony is contacting through email they have stated to change your password.

  • qwertyuiop357

    Thanks for letting us know! Looks like you guys learned a few things :)

  • Good stuff, way to be on the ball this time!

  • inb4 They’ve known this for a week

Please enter your date of birth.