Sony is quickly losing all its credibility. Last week we saw the fiasco over its delay in informing 77 million users of the PlayStation Network that their personal details had been compromised and now it has revealed that a further 25 million users are at risk.
The new discovery, only made on Sunday and announced this morning, relates to an earlier and separate attack on its Sony Online Entertainment (SOE) PC games network, which took place between 16 and 17 April. The 25 million users affected, had their name, address (city, state, zip, country), email address, gender, date of birth, phone number, login name and hashed password compromised. More worryingly, Sony also confirmed that credit or debit card details of 12,700 non-US customers were taken though it added that these details came from “an outdated database from 2007.” Also contained in that database were 10,700 direct debit records listing bank account numbers of certain customers in Germany, Austria, Netherlands and Spain. Sony has said it will contact all of these customers promptly via email.
According to Sony there is no evidence that their main credit card database was compromised as it is in “a completely separate and secured environment.” However given Sony’s recent history, we doubt that a statement like this will reassure many who have their financial details stored with SOE. Over the weekend, Sony apologised to its PSN customers affected by the breach with Sony executive Kazuo Hirai announcing measures which have been put in place to avert another attack like that which hit its PlayStation Network. On Monday Sony refused to testify in person in front of a US congressional hearing, but agreed to respond to questions on how consumer private data is protected by businesses in a letter on Tuesday. The SOE network was taken down on Monday and Sony suspended its SOE games on Facebook because they use "microtransactions" and the sale of virtual goods, if subverted could be used by hackers to make illicit transactions.
While nothing official has been announced, there are certain to be some serious repercussions within Sony following these security breaches and subsequent public relations disaster. We await further information regarding the PlayStation Network and Sony Online Entertainment starting back up again and how many users will desert Sony because of this breach.
Source: Sony Online Entertainment