Compromised Info Used to Access Approximately 93,000 PSN Accounts

Late last night Sony discovered an attack that was made against a large number of PSN accounts. By collecting data through other websites, hackers were able to use a combination of user names and passwords to log into various PSN accounts.

Luckily, this attack only affected roughly  93,000 PS3 users – which is less than one tenth of the total registered accounts.


Those that were affected have had their accounts locked down and were promptly sent an email asking the users to change their passwords. The email was sent directly from Sony – so if you were one of the people who had their account hacked, or suspect you might have been, it’s probably best to check your inbox and follow the steps in the email. Hopefully those that were affected did not use a fake email address when creating their PSN account.

In addition, Sony has assured customers that the breach had nothing to do with security or information on Sony’s side. It is believed that the hackers retrieved data from other networks or databases, just another reason why individuals should use difficult and/or different passwords for any online activity.

“These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources. In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks. We have taken steps to mitigate the activity.”

For those still skeptical that Sony’s security is not to blame, it’s important to remember that it was only a couple of months ago that they asked all PSN users to change passwords associated with their accounts. This means that even if the hackers had taken information from the April PSN attack, it would be impossible for them to know anyone’s password – unless of course a user changed his/her password back after the incident. Sony has also made it clear that no credit card info was released, so those worried about financial security can rest easy.

Many people thought Sony handled the PSN attack from April poorly, seeing as it took them a few days to tell customers about the breach – using the guise of maintenance to keep things low key while they investigated. Whether or not you agree with that sentiment, Sony seems to have handled this situation significantly better than in the past – hopefully this will only be a minor bump in the road as they work to rebuild consumer trust after the infamous PSN attack.

Follow me on Twitter @AnthonyMole

Source: PlayStation Blog 

tags: PS3, PSN, PSP, Sony