Déjà vu?
Sony has locked the PSN and SOE accounts of 93,000 users following a hacking attempt that saw hackers try to test a 'massive set of log-in IDs and passwords.' The company revealed the attempted breach in a blog post published last night. Philip Reitinger, SVP & Chief Information Security Officer at Sony Group, said that the data likely came from another source, and not from Sony's own networks.
"These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources," he said. "In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks. We have taken steps to mitigate the activity."
However, the hackers weren't totally unsuccessful. Reitinger said that there were roughly 93,000 accounts (60K on PSN/SEN and 33K on SOE) where the attackers succeeded in verifying valid sign-in IDs and passwords. Sony has locked those accounts and is reviewing them for unauthorized access. The company assured affected users that credit card numbers associated with their accounts are not at risk. He also explained that users will need to change their passwords.
"As a preventative measure, we are requiring secure password resets for those PSN/SEN accounts that had both a sign-in ID and password match through this attempt," Retinger said. "If you are in the small group of PSN/SEN users who may have been affected, you will receive an email from us at the address associated with your account that will prompt you to reset your password."
Affected SOE account holders will receive an email advising them on steps to take that will validate their account and switch it back on.
because those were already stolen from the last time
because those were already stolen from the last time
This is an unfortunate side-effect of a "connected" world. Just trying to keep things in perspective.
Why do other companies have databases with login ID's and Passwords to begin with? that in itself is very insecure, does Sony actually give this database out to other companies? If so to what purpose? I would much rather think that these are list stolen during the last break and are being tested, too bad 93K people are too stupid to actually change their password after knowingly being hacked.
I didn't. Not because I am an idiot, but because I had never logged back on (no sensitive info)
Load your money into one of those and validate the number against the website. When you do buy something, no credit card needed.
There's probably a more ingenious way to do it, but that seems to work for me, and ensures security by not inserting my credit card info to the PSN service/website.
i don't think biometric will help much
someone stole my info from the psn ..
now what sony ... im so gonna sue
How many of these people will actually pay attention to the e-mail and not just delete it immediately as spam. As we have been trained to do with all the scam e-mail claiming to be Paypal, eBay, Bank of America, &c. Which then ask to click a link to verify information among other things to get passwords, usernames, personal identification, &c.