Sony under fire again as 93,000 accounts attacked
Login data thought to be from "other sources", credit cards "not at risk"
Sony has detected another mass login attempt on its database of PlayStation Network, Sony Online Entertainment and Sony Entertainment Network accounts, with what it calls a "a massive set of sign-in IDs and passwords" being used to attempt access to 93,000 accounts.
That list is thought to have been collated from "other companies, sites or other sources". Sony has promised to attempt to reimburse customers for any misappropriated PlayStation wallet funds.
All affected accounts, of which 60,000 were PSN/SEN and 33,000 SOE, have been temporarily locked to prevent any further access. Only a "small fraction" of the accounts accessed showed any activity before being locked, indicating that relatively few had their data compromised.
"These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources," reads a post on the official PlayStation Blog.
"In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks. We have taken steps to mitigate the activity.
"Less than one tenth of one percent (0.1%) of our PSN, SEN and SOE audience may have been affected...Please note, if you have a credit card associated with your account, your credit card number is not at risk. We will work with any users whom we confirm have had unauthorized purchases made to restore amounts in the PSN/SEN or SOE wallet."
Emails will be sent to all affected customers, says Sony.
In April, the PSN database suffered a huge security breach, resulting in 75 million vulnerable accounts and almost six weeks of downtime whilst security measures were improved.
After that attack, Sony came under fire from many bodies for the delay in letting its customers know about the breach, even facing questions from the US Senate.