- 21 January 2007
- 21,629
"
Sony announced on Tuesday that hackers broke into the accounts of more than 93,000 customers by trying to log in to Sony using a large list of usernames and passwords.
Sony said it believed the intruders collected the log-in credentials from another source, not from Sony’s networks, and were able to gain access to the Sony accounts because customers used the same credentials with their Sony accounts.
Phil Reitinger, Sony’s new chief information security officer, made the announcement on the company’s blog.
He wrote that intruders tested a “massive set of sign-in IDs and passwords” at web sites for several of its properties — Sony Entertainment Network (SEN), PlayStation Network (PSN) and Sony Online Entertainment (SOE). Most of the log-in credentials failed to gain the intruders access, but about 60,000 credentials matched those use by SEN and PSN users; another 33,000 matched credentials for SOE accounts.
“[G]iven that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks,” Reitinger wrote.
He noted that a “small fraction” of the accounts showed activity after they were breached, but that the intruders couldn’t access credit card account information. Sony had since locked all of the accounts accessed through the attack until customers can be notified to change their passwords.
“We will work with any users whom we confirm have had unauthorized purchases made to restore amounts in the PSN/SEN or SOE wallet,” he wrote.
Reitinger’s quick announcement was a departure from the company’s previous handling of a breach it suffered earlier this year, when the company waited a week to tell customers that its PlayStation Network had been hacked, and then was slow to release details. News reports indicate that the newest breach occurred primarily over the weekend between Oct. 7 and 10, just two working days before the company’s announcement.
...
"
http://www.wired.com/threatlevel/2011/10/93000-sony-accounts-breached/
Χιλιάδες λογαριασμοί επηρεαστήκαν από το τελευταίο περιστατικό ασφάλειας που ανακοίνωσε η Sony.
Φαίνεται να έγιναν τουλάχιστο τόσα επιτυχημένα Logins.
Πιθανολογείτε ότι πρόκειται για κοινά usernames/passwords κλεμμένα από άλλες υπηρεσίες.
Να προσθέσω ότι μπορεί να είναι χρήστες με passwords που χρησιμοποιούσαν παλιότερα.
Αν και φαίνεται να μη κατάφεραν να αποσπάσουν στοιχεία πιστωτικών καρτών αυτή τη φορά.
Sony announced on Tuesday that hackers broke into the accounts of more than 93,000 customers by trying to log in to Sony using a large list of usernames and passwords.
Sony said it believed the intruders collected the log-in credentials from another source, not from Sony’s networks, and were able to gain access to the Sony accounts because customers used the same credentials with their Sony accounts.
Phil Reitinger, Sony’s new chief information security officer, made the announcement on the company’s blog.
He wrote that intruders tested a “massive set of sign-in IDs and passwords” at web sites for several of its properties — Sony Entertainment Network (SEN), PlayStation Network (PSN) and Sony Online Entertainment (SOE). Most of the log-in credentials failed to gain the intruders access, but about 60,000 credentials matched those use by SEN and PSN users; another 33,000 matched credentials for SOE accounts.
“[G]iven that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks,” Reitinger wrote.
He noted that a “small fraction” of the accounts showed activity after they were breached, but that the intruders couldn’t access credit card account information. Sony had since locked all of the accounts accessed through the attack until customers can be notified to change their passwords.
“We will work with any users whom we confirm have had unauthorized purchases made to restore amounts in the PSN/SEN or SOE wallet,” he wrote.
Reitinger’s quick announcement was a departure from the company’s previous handling of a breach it suffered earlier this year, when the company waited a week to tell customers that its PlayStation Network had been hacked, and then was slow to release details. News reports indicate that the newest breach occurred primarily over the weekend between Oct. 7 and 10, just two working days before the company’s announcement.
...
"
http://www.wired.com/threatlevel/2011/10/93000-sony-accounts-breached/
Χιλιάδες λογαριασμοί επηρεαστήκαν από το τελευταίο περιστατικό ασφάλειας που ανακοίνωσε η Sony.
Φαίνεται να έγιναν τουλάχιστο τόσα επιτυχημένα Logins.
Πιθανολογείτε ότι πρόκειται για κοινά usernames/passwords κλεμμένα από άλλες υπηρεσίες.
Να προσθέσω ότι μπορεί να είναι χρήστες με passwords που χρησιμοποιούσαν παλιότερα.
Αν και φαίνεται να μη κατάφεραν να αποσπάσουν στοιχεία πιστωτικών καρτών αυτή τη φορά.