May 14, 2020

24 Million Sony Online Entertainment User Records Exposed

Sony has revealed that the breach of its servers is much larger than originally reported. Initially Sony revealed that some 77 million user records where exposed during a breach of the PlayStation Network (PSN), however now it is reporting that 24.5 million Sony Online Entertainment user records have also been stolen.

Details are now emerging that the attack on the Sony Online Entertainment (SOE) network preceded that of the PlayStation Network, but it was only discovered yesterday. As a result Sony has taken down the SOE network, which hosts games that are played over the internet on PCs, and suspended its SOE games on Facebook.

The personal information of the approximately 24.6 million SOE accounts that was illegally obtained is as follows:

  • name
  • address
  • e-mail address
  • birthdate
  • gender
  • phone number
  • login name
  • hashed password

On Sunday, Sony announced that it will shortly begin a phased restoration by region of its PlayStation Network and Qriocit services, beginning with gaming, music and video services. It is unclear if the discovery of the SOE breach will delay this.

Sony Confirms That PlayStation Network Attack Exposed Personal Information

Sony’s online PlayStation Network has been unavailable since Wednesday 20th April when Sony spotted unauthorized access to the network by hackers on the preceding three days (April 17 to April 19, 2011). As a result of the intrusion, Sony are now confirming that, certain PlayStation Network and Qriocity service user account information was compromised.

Sony believe that the hackers have obtained access to users’ name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID.

It is also possible that profile data, including purchase history and billing address (city, state, zip), along with password security answers may have been obtained.

Sony are alerting its PlayStation Network consumers to be aware of email, telephone, and postal mail scams that ask for personal or sensitive information. And they reminder users that Sony will not contact them in any way, including by email, asking for your credit card number, social security number or other personally identifiable information.

Sony are continuing to work on this problem and have engaged an outside, security firm to conduct a full and complete investigation into what happened.