Sony are having a really bad time at the moment, some may say karma, with PSN being down for two weeks you would think that Sony has had a enough “punishment”, but it seems not, as news emerges that SOE(Sony Online Entertainment) was closed down today, due to a security breach, Sony believe this breach, happened around the same time as the PSN breach, here is a quote from the press release:
SONY ONLINE ENTERTAINMENT ANNOUNCES
THEFT OF DATA FROM ITS SYSTEMS
Breach Believed to Stem From Initial Criminal Hack of SOE
Tokyo, May 3, 2011 – Sony Corporation and Sony Computer Entertainment announced today that their ongoing investigation of illegal intrusions into Sony Online Entertainment LLC (SOE, the company) systems revealed yesterday morning (May 2, Tokyo time) that hackers may have stolen SOE customer information on April 16th and 17th, 2011 (PDT). SOE is based in San Diego, California, U.S.A. This information, which was discovered by engineers and security consultants reviewing SOE systems, showed that personal information from approximately 24.6 million SOE accounts may have been stolen, as well as certain information from an outdated database from 2007. The information from the outdated database that may have been stolen includes approximately 12,700 non-U.S. credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, Netherlands and Spain. With the current outage of the PlayStation® Network and Qriocityâ„¢ services and the ongoing investigation into the recent attacks, SOE had also undertaken an intensive investigation into its system. Upon discovery of this additional information, the company promptly shut down all servers related to SOE services while continuing to review and upgrade all of its online security systems in the face of these unprecedented cyber-attacks. On May 1, Sony apologized to its customers for the inconvenience caused by its network services outages. The company is working with the FBI and continuing its own full investigation while working to restore all services. Sony is making this disclosure as quickly as possible after the discovery of the theft, and the company has posted information on its website and will send e-mails to all consumers whose data may have been stolen. The personal information of the approximately 24.6 million SOE accounts that was illegally obtained, to the extent it had been provided to SOE, is as follows: · name · address · e-mail address · birthdate · gender · phone number · login name · hashed password. In addition to the information above, the 10,700 direct debit records from accounts in Austria, Germany, Netherlands and Spain, include: · bank account number · customer name · account name · customer address. SOE will grant customers 30 days of additional time on their subscriptions, in addition to compensating them one day for each day the system is down. It is also in the process of outlining a “make good” plan for its PlayStation®3 MMOs (DC Universe Online and Free Realms). More information will be released this week. Additionally, the company is committed to helping its customers protect their personal data and will provide a complimentary offering to assist users in enrolling in identity theft protection services and/or similar programs. The implementation will be at a local level and further details will be made available shortly in each region. Sony Online Entertainment LLC (SOE) has been a recognized worldwide leader in massively multiplayer online games since 1999. Best known for its blockbuster hits and franchises, including EverQuest®, EverQuest® II, Champions of Norrath®, PlanetSide®, Free Realms®, Clone Wars Adventuresâ„¢, and DC Universe Onlineâ„¢, SOE creates, develops and provides compelling online entertainment for virtually all platforms, including the PlayStation®3 Computer Entertainment System, Personal Computer, mobile and social networks. SOE is building on its proven legacy and pioneering the future of the interactive entertainment space through creative development and inspired gameplay design for audiences of all ages. To learn more, visit www.soe.com .
From www.soe.com:
Dear Valued Sony Online Entertainment Customer:
Our ongoing investigation of illegal intrusions into Sony Online Entertainment systems has discovered that hackers may have obtained personal customer information from SOE systems. We are today advising you that the personal information you provided us in connection with your SOE account may have been stolen in a cyber-attack. Stolen information includes, to the extent you provided it to us, the following: name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password.Customers outside the United States should be advised that we further discovered evidence that information from an outdated database from 2007 containing approximately 12,700 non-US customer credit or debit card numbers and expiration dates (but not credit card security codes) and about 10,700 direct debit records listing bank account numbers of certain customers in Germany, Austria, Netherlands and Spain may have also been obtained. We will be notifying each of those customers promptly.
There is no evidence that our main credit card database was compromised. It is in a completely separate and secured environment.
We had previously believed that SOE customer data had not been obtained in the cyber-attacks on the company, but on May 1st we concluded that SOE account information may have been stolen and we are notifying you as soon as possible.
We apologize for the inconvenience caused by the attack and as a result, we have:
1) Temporarily turned off all SOE game services;
2) Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and
3) Quickly taken steps to enhance security and strengthen our network infrastructure to provide you with greater protection of your personal information.
We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.
For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When SOE’s services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your Station or SOE game account name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.
To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports. We are providing the following information for those who wish to consider it:
U.S. residents are entitled under U.S. law to one free credit report annually from each of the three major credit bureaus. To order your free credit report, visit www.annualcreditreport.com or call toll-free (877) 322-8228.
We have also provided names and contact information for the three major U.S. credit bureaus below. At no charge, U.S. residents can have these credit bureaus place a “fraud alert” on your file that alerts creditors to take additional steps to verify your identity prior to granting credit in your name. This service can make it more difficult for someone to get credit in your name. Note, however, that because it tells creditors to follow certain procedures to protect you, it also may delay your ability to obtain credit while the agency verifies your identity. As soon as one credit bureau confirms your fraud alert, the others are notified to place fraud alerts on your file. Should you wish to place a fraud alert, or should you have any questions regarding your credit report, please contact any one of the agencies listed below.
Experian: 888-397-3742; www.experian.com; P.O. Box 9532, Allen, TX 75013
Equifax: 800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
TransUnion: 800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790You may wish to visit the web site of the U.S. Federal Trade Commission at www.consumer.gov/idtheft or reach the FTC at 1-877-382-4357 or 600 Pennsylvania Avenue, NW, Washington, DC 20580 for further information about how to protect yourself from identity theft. Your state Attorney General may also have advice on preventing identity theft, and you should report instances of known or suspected identity theft to law enforcement, your State Attorney General, and the FTC. For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001; telephone (877) 566-7226; or www.ncdoj.gov. For Maryland residents, the Attorney General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; telephone: (888) 743-0023; or www.oag.state.md.us.
We are committed to helping our customers protect their personal data and we will provide a complimentary offering to assist users in enrolling in identity theft protection services and/or similar programs. The implementation will be at a local level and further details will be made available shortly in regions in which such programs are commonly utilized.
We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at 1 (866) 436-6698 should you have any additional questions.
Sincerely,Sony Online Entertainment LLC
05-02-2011
06:14 PM
Wow, everybody loves Sony.
Can't say I'm surprised. Nor can I say im disappointed. Karma is a giant shlong.
05-02-2011
06:20 PM
I heard through some videos and articles that PSN was going to be partially restored tomorrow so... let's hope it really does.
05-02-2011
06:20 PM
Meh!
same old crap! havent heard anything newsworthy in a week.
05-02-2011
06:27 PM
Does this mean no psn tmoz ? And if so FUK SONY IM GETTING AN XBX <
05-02-2011
06:27 PM
Maybe they have to change the name from sony to sorry...
05-02-2011
06:30 PM
when is psn back
05-02-2011
06:31 PM
This truly makes me sick. This is what messes up everything. Sony may have rubbed many customers the wrong way. This however is not an attack on Sony this is an attack on the livelyhood of it's users. GONE TOO FAR! This has got to stop. Identity theft destroys lives and by the sounds of it whoever is doing this is trying to get rich doing so. The thought of people trying to auction off indentities online is sickening. They deserve to be shot. This is no longer a subject of Linux or homebrew These types of people are evil
05-02-2011
06:41 PM
Man, **** sony i had enough of this wait if it doesnt come in tomorrow im definitely switching to 360.......it makes me a Sad sad sad PANDA cause all my friends r on the ****ing psn
05-02-2011
06:44 PM
Some of you act as though its the end of the world that you havnt been able to play online. Get real........its just a stupid game.........go outside.
05-02-2011
06:45 PM
Correction:
The image should read "Sony *Offline* Entertainment"
Simple mistake.
05-02-2011
06:50 PM
hey mc jerk do you have ready a new credit card i hope you are not so stupid like to buy samthink from psn store again??? yes i now they close all the security hols that time and you will use only prepaid cards ???understand the ps3 is not the best game consol,maybe was looking for same time but is unsafe the sony pist of hackers and pirates the simple players boycote the sony becouse the lowsuit to people ho dont done nothink bad.... the sony deserve it....use psn but dont buy again nothink from psnstore ....i have a n old ps3 with cofg... and long time i dont have psn and i have 30 original games on blue ray and i buy on psnstore now the hackers zeroed my credit card thanks to psn ..before 2 weeks i was thinkin to buy a second ps3 for online gaming .but now if i buy a second console i will buy the new model of xbox.sorry for my english ..ps. i was buying games to last moment wen i was availible to conect with out update .after that only pirate games becouse is stupid to pay somthink and dont have a foul product no online and be sceard maybe the lock your acound and you loose all your the games you buy from psn..boycote the wankers they deserve it !!!!!!!!!!!!!!
************* [ - Post Merged - ] *************
i dont belive it i hade axbox360 and after i buy a ps3 i make it present to a nefwe . i was so stupid....
05-02-2011
06:54 PM
first off its a real pity that the none ps3 gamers are affected by the sony fail and are now in the same boat as the psn user's.
Perhaps we will never know what really happend
If the mmorpg titles are not back up and running soon players will move on to other games which will hurt sony even more, Never mind the ones that will be put off by fact there personal data is now in hands of criminals just like the PSN user's is.
Just a thought but if there was lets say 22 million credit card details that was stolen and used, Then even if the amount of lets say £10 was charged to the cards that would be 22 billion. If they charged £5 to the cards it would be 11 billion hell even if it was £1 then over millions of differnt cards it all adds up to a very tidy sum.
Which if you think about it that huge sum of money which you can point the finger at some so called bogymen hackers that the world could blame insted, If it was infact sony that did this then it would help Sony out of a very expensive legal and profit loosing last 10 months ?
05-02-2011
06:56 PM
05-02-2011
07:01 PM
05-02-2011
07:20 PM
05-02-2011
07:49 PM
05-02-2011
09:35 PM
So switch already you piece of sh-t! Most corporations could never recover from such devastating blows. They would have to shut down and reincorporate as a different company. Their doing everything they can. What more do you want. It's like saying f-ck the US government for not protecting their land from 9/11. I'm sure more than 90% of PS3 gamers will support them and buy PS4s. People like you just read news and write the most typical responses (like f-ck Sony, karma is a b-tch). Don't you realize that this is hurting everyone?
05-02-2011
09:44 PM
PSN will possibly be coming back on tuesday. I tried to log in today and noticed the servers are up but not fully. so it will be soon
05-02-2011
10:05 PM
SCE should just give everybody an xbox and go out of business.
05-03-2011
02:44 AM
This type of messages can be done via PM, please try not doing them on a main forum topic as it can verge it off topic
Fixed, also put your name below "OFFLINE"
05-03-2011
06:08 AM
I think this is brilliant news, I hate Sony now, so anything bad that happens to ruin them the better.
The hackers that are doing this are most likely from a criminal organisation, they heard how unsecure the ps3 was and then probably decided to try sony's servers, they got in and they hit a gold mine. So they though we'll try other sony services, and look at that they got in again.
Dont get these hackers mixed up with anonymous though, anonymous probably wouldnt have done something to stress customers.
05-03-2011
06:44 AM
Karma bites back lol. Payback is a b***h. Notice how nothing like this happened until Sony started going too far with suing people etc.
05-03-2011
10:17 AM
@ banmonster : Why do you even say that this is no longer about linux and homebrew? From what I've seen, these attacks have NEVER been about linux or homebrew. There is no indication of any connection between hackers, pirates, homebrew advocates, linux advocates, or any other regulars to this site and the attacks on Sony's networks. I understand your anger, and agree that identity theft sucks, but your post implies accusations that are wholly unfounded at this point.
05-03-2011
12:43 PM
Man, Sony just should have walked away. It is open season on them now. I guess the upside for them is they will be battle hardened security wise now. But at what cost? I wonder if this all would have happened if they would have just said, "Linux, ok no big deal sure, have at it."? I mean even M$ hasn't done anything this aggressive with drive firmwares and copied disks. They mostly take the stance of "Not on Live you don't". And that mostly works. Maybe because people care less about the loss of PSN? Dono, just seems like such a different reaction between the 2 and M$ isn't being swarmed by hackers like fire ants.
05-03-2011
01:26 PM
PS"L"N
L is Local :D
05-03-2011
05:27 PM
you are completely right. Bad Grammar. I was too vauge on point. I do not believe the devs who code homebrew, emulators, backup managers, or alternatives for other OS are behind this at all. I believe this is an entirely different element of hacker. Hardly Something I see Geohot, Graf, Deank, Kmeaw or any of these guys doing. Though people like to group hackers all under the same umbrella
************* [ - Post Merged - ] *************