| 

Further 24.6 Million Peoples’ Data Stolen From Sony’s Gaming Wing

After 77 million peoples’ data was stolen from PSN servers two weeks ago, Sony is facing more problems as it revealed that a further 24.6 million peoples’ information was taken from its online gaming wing, Sony Online Entertainment.

In a press release published Tuesday, Sony said that an attack on the SOE servers occurred before the larger PSN attack and saw names, addresses, emails, birth dates and phone numbers taken. In a separate outdated server from 2007, a further 12,700 non-US credit card details could have been stolen along with 10,700 bank account details (direct debit cards) from countries such as Austria, Germany, Netherlands and Spain.

This attack occurred between the 16th and 17th of April, while the PSN attack took place from the 17th and 19th of April. Sony Online Entertainment had previously said that ”to the best of our knowledge, no customer personal information got out to any unauthorized person or persons” but that investigations were continuing. Sony took down SOE services on Monday.

This revelation will apply further pressure on Sony as the total number of peoples’ personal data leaked passes one hundred million. In a statement, a Sony spokeswoman said: ”We had previously believed that SOE customer data had not been obtained in the cyber-attacks on the company, but on May 1 we concluded that SOE account information may have been stolen.”

The latest batch of credit card numbers did not include the three digit security code and the age of the sever (2007) will mean that some of the cards may be out of date. However, the information could still be used by criminals.

For the downtime and leaks, Sony is offering SOE customers 30 days’ worth of online play as well as a day for every day the service is down.

From Sony’s press release:

The personal information of the approximately 24.6 million SOE accounts that was illegally obtained, to the extent it had been provided to SOE, is as follows:

name
address
e-mail address
birthdate
gender
phone number
login name
hashed password.

In addition to the information above, the 10,700 direct debit records from accounts in Austria, Germany, Netherlands and Spain, include:

bank account number
customer name
account name
customer address.

You can read a full summary of events so far on our Live Report.

via: Engadget, The Wall Street Journal

Comments

Ace Flibble Says:
May 3rd, 2011 at 3:24 am   (Reply)

Amazing. Simply amazing. I’m not sure if the offer of a month of free online play is offensive or simply adds to the hilarity.

Rifter01 Says:
May 3rd, 2011 at 6:19 am   (Reply)

Personally, I hope more is done by all game companies to protect gamers privacy & safety. Some corporations may consider consumers as ‘just a number’ or endless pages of tangible data that can be kept under assumed-safe hardware lock & software key. But, we know assumptions aren’t good practice and as such there should be more consideration towards the securing of customer info. at all times.

Whatever the weakest link is ‘yesterday’ should always be made stronger ‘today’ and not wait until tomorrow.


Leave a comment

You are not currently logged in. Comments by registered users are highlighted and are much more likely to be read. You can either login here, or register for Nukezilla here. It's also worth noting that if you're not registered and your comment contains a link, it will be marked as spam and may take a while to be manually approved.

 

For help with formatting and posting images click here. To edit your avatar click here (we use Globally Recognized Avatars so your avatar works on a bunch of different sites automatically).

because the games we love could be better