Sony has detected mass “unauthorized sign-in” on PlayStation, Entertainment and Online Entertainment Networks, it said yesterday.
Click to enlarge
93,000 Sony users have been affected -or “one tenth of one percent” of all users – 60,000 of these were PlayStation and Entertainment Network online customers, while the remaining 33,000 were affiliated to Sony’s Online Network.
User credit card numbers details on the hacked accounts are not at risk, and activity has been minimal on accounts since the attack, it reassured customers.
The cyber attacked took place between October 7 – 10 US Pacific Daylight Time, Sony said, and has temporarily locked these 93,000 accounts hit.
The attack occurred where hackers succeeded in verifying Sony accounts’ with ‘valid’ sign-in IDs and passwords, allowing it to gain entry and hackers appeared to use large sets of sign-in IDs and passwords to verify accounts.
“Between October 7 – 10 US Pacific Daylight Time, we confirmed that these were unauthorized attempts, and took steps to thwart this activity,” Sony confirmed.
It plans to send email notifications to these account holders shortly who will be required to resets passwords.
“Only a small fraction of these 93,000 accounts showed additional activity prior to being locked.”
“We are continuing to investigate the extent of unauthorized activity on any of these accounts.”
“We discovered these attempts and have taken steps to mitigate the activity” it said, clearly learning from past mistakes after a similar security breach occurred earlier this year but took the Japanese giant weeks to fully admit the extend of the attack.
PlayStation Network and Qriocity accounts were attacked in April last, thought to have been carried out by rogue cyber hackers, Lulzsec, with 1.5 million Aussie accounts affected, which was followed by a second cyber attack.
The unauthorised attackers attempts appear to include large amounts of data obtained from one or more compromised lists from other companies and sources, Sony said yesterday.