blog archive

Wednesday, 27 April 2011

PlayStation hacker leaves 77m at risk



A week after its gaming network was hacked, Sony says millions of credit card details may have been stolen.
Last Modified: 27 Apr 2011 06:42

More than a week after being the target of an online attack, Sony has said the personal information - including credit card details - of up to 77million of its customers may have been stolen.

The electronics giant's internet gaming service, PlayStation Network, was "compromised with an illegal and unauthorised intrusion", said the company.

It planned to restore "some services" within a week, and has appointed a computer security company to investigate the network's outage.

Writing on the company's blog, Patrick Seybold, senior director of corporate communications, said that users' names, home and email addresses, login and password details - as well as billing history - may have been accessed by "an unauthorised person".

"While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility," he posted.

"If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained."

The personal details of children may also be at risk, he explained.

"If you have authorised a sub-account for your dependent, the same data with respect to your dependent may have been obtained."

Hack attack

The network was hacked at some point between April 17 and April 19, and Sony turned off the services shortly after to prevent any further attacks.

But the delay in the corporation informing its customers that their personal information was at risk led US Senator Richard Blumenthal to write to Jack Tretton, president of Sony Computer Entertainment.

"Although the breach occurred nearly a week ago, Sony has not notified customers of the intrusion, or provided information that is vital to allowing individuals to protect themselves from identity theft, such as informing users whether their personal or financial information may have been compromised," he wrote.

"Nor has Sony specified how it intends to protect these consumers."

Following Sony's legal action against PS3 hacker George Hotz, hacktivist group Anonymous threatened to target the Tokyo-based conglomerate - but this week denied it was behind the attack on the PlayStation Network.

"For once we didn't do it," said the group.

If confirmed at 77million records, it would rank as one of the largest ever credit card data breaches. The Open Security Foundation lists three larger, with merchant processing company Heartland Payment Systems taking the top spot after a 2008 hack exposed up to 130million credit card details.


Source:
Al Jazeera

No comments:

Post a Comment