Sony announced today that approximately 93,000 accounts on their various networks were nearly accessed by a third-party over the last month. Company officials said that although the intrusion was apparently averted, the accounts were left frozen and their owners were warned via e-mail.
Sony’s SVP & Chief Information Security Officer Philip Reitinger had this to say at Playstation.Blog:
We want to let you know that we have detected attempts on Sony Entertainment Network, PlayStation Network and Sony Online Entertainment (“Networks”) services to test a massive set of sign-in IDs and passwords against our network database. These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources. In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks. We have taken steps to mitigate the activity.
Reitinger estimates that about 0.1% of all accounts were potentially effected. Sony operates a handful of media services with their own accounts, including Playstation Network and Qriocity.
Nearly six months ago, a massive intrusion brought down Qriocity and PSN, affecting over 100 million users worldwide.
Although a lack of online play was an inconvenience for most, the incident threw into question whether or not Sony could be trusted with customer information.