Plugged In

Sony suffers second major security breach

Bumper Jack

View photo


PlayStation 3 - Sony

The data breach into the PlayStation Network continues to worsen.

Sony announced Monday it had discovered another 24.6 million accounts had been hacked, this time in the company's PC online gaming division. The intrusion is on top of the 77 million accounts that Sony has previously
acknowledged were breached.

Sony Online Entertainment, home of games like EverQuest, DC Universe and Free Realms, was the victim this time. The company says it does not believe its main
credit card database was compromised, but hackers did take personal information
including names, addresses, birth dates, phone numbers, usernames and

In addition, intruders took information from an outdated
2007 database, which contained approximately 12,700 credit or debit card
numbers and expiration dates (but not credit card security codes) for non-US
customers. Also, about 10,700 direct debit records were taken, which listed bank
account numbers of certain customers in Germany, Austria, the Netherlands and

"We had previously believed that SOE customer data had
not been obtained in the cyber-attacks on the company, but on May 1st we
concluded that SOE account information may have been stolen and we are
notifying you as soon as possible," the company said. "We apologize
for the inconvenience caused by the attack."

SOE game servers have been turned off and the company is
following the same procedures as it is with the PlayStation
Network hack
. It's also warning customers to follow the same security
procedures - specifically, to be on the lookout for email, phone and postal mail
scams; to change passwords when the servers come back online; and to monitor your
account statements.

While the attacks are just being made public, Sony says they
actually occurred
a day or two prior to the data incursion of the PSN.

SOE plans to give players 30 free days on their
subscriptions, along with one day for each day the system is down. The company
says it is also creating a "make good" plan for its massively multiplayer titles.

The discovery of this additional breach is humiliating for
Sony, as it held a press conference Sunday to apologize for the initial service
disruption and announce the imminent resumption of services.

"We would like to extend our apologies [to those] who
we inconvenienced and worried because we potentially compromised their data,"
said Kazuo Hirai, executive deputy president of Sony. "We offer our sincerest

By the end of the week, Sony plans to restore online
game-play access for both the PlayStation 3 and PSP portable gaming device,
along with user access to accounts, online movie and music streaming and chat

The company, however, will continue to investigate the
data breach and has asked for the FBI to conduct its own investigation as well.

View Comments (15)