• Sony Hacked Again New Phishing Sites Identified

    // Gradly // blog, Consoles, Featured, News, PS3, Scandal, Sony 1 Response

    It seems like a nightmare for Sony as Reuters now reports that the Internet service provider unit of Japan’s Sony, alerted customers that an intruder broke into its system and stole virtual points from account holders worth $1,225.

    This latest attacks comes after personal information of some 100 million Sony user accounts was stolen last month when its online gaming systems, the PlayStation Network and Sony Online Entertainment, were hacked.

    “What we’ve done is stopped the So-Net points exchanges and told customers to change their passwords,” So-Net said in a statement to customers on its website in Japanese.

    About 100,000 yen ($1,225) was stolen from accounts that were attacked. The company said there was no evidence that other accounts in the online system had been hacked.

    “At this point in our investigations, we have not confirmed any data leakage. We have not found any sign of a possibility that a third party has obtained members’ names, address, birth dates and phone numbers.”

    Security experts, however said that Sony’s networks around the world remain vulnerable to attack.

    Update:

    There’s signs of a credit card phishing scam apparently running, live, on one of the company’s servers as reported by slashgear where F-Secure discovered the fake site, at hdworld.sony.co.th, inviting people to enter all their details for a card they’ll never get.

    At time of writing the page was still up, though Google’s Chrome browser did warn us that it was a reported phishing site. F-Secure has apparently notified Sony, and we’re expecting the company to move with reasonable speed to make sure this all gets removed.

    Actually figuring out how the pages got onto the servers, however, and what loopholes are being taken advantage of may take longer, and it seems that Sony isn’t out of the woods yet when it comes to addressing its security. There are also unconfirmed reports that phishers are sending out fake PSN password reset emails, so do be careful where you click.

  • Anonymous Hacker Group Possibly Behind PSN Security Breach

    // Gradly // blog, Consoles, News, PS3, Rants & Raves, Scandal, Sony No Responses

    According to Financial Times, two long-time members belonging to the hacker group Anonymous says it’s likely that other group members were behind the attack that took Sony by surprised–contrary to what the group said yesterday in their press release, released yesterday.

    Sony has said in a letter to the US Congress that it found evidence suggesting Anonymous’ involvement but has not directly accused the group of the crime, which exposed millions of customer accounts.

    One member from the group told FT that he saw the technical details of the vulnerability in Sony’s network prior to the attack on the PlayStation Network; the member added, “The hacker that did this was supporting OpSony’s movements”.

    Another long-time member of the Anonymous group told FT that it’s very likely that other members from the group hacked Sony, “If you say you are Anonymous, and do something as Anonymous, then Anonymous did it,” said the hacker, who uses the online nickname Kayla. “Just because the rest of Anonymous might not agree with it, doesn’t mean Anonymous didn’t do it.”

    We’re not sure who to believe? More on PSN hack here.

  • Sony Says 25 Million More Accounts At Risk In A Second Security Hack

    // Gradly // blog, Consoles, News, PS3, Scandal, Sony 5 Responses

    Sony CEO Howard Stringer faced criticism of his leadership after the consumer electronics giant revealed hackers may have stolen the data of another 25 million accounts in a second massive security breach. as reported today by Reuters.

    Sony’s latest revelation came just a day after it announced measures had been put in place to avert another cyberattack like that which hit its PlayStation Network, hoping to repair its tarnished image and reassure customers who might be pondering a shift to Microsoft’s Xbox.

    The Japanese electronics company said its Sony Online Entertainment PC games network had been hacked on April 18, but did not find out about the breach until the early hours of Monday and shut down the service shortly afterwards.

    The breach may also have led to the theft of 10,700 direct debit records from customers in Austria, Germany, the Netherlands and Spain and 12,700 non-U.S. credit or debit card numbers, it said. Stringer has not commented on the security breach, leaving No.2 Kazuo Hirai to lead the news conference and apology on Sunday. Hirai headed the networks division and is seen as the likely successor to Stringer, who in March committed to stay in his role for the current year at least.

    The attack that Sony disclosed on Monday took place a day before a massive break-in of its separate PlayStation video game network that led to the theft of data from 77 million user accounts. Sony revealed that attack last week.

    Sony said late on Monday that the names, addresses, emails, birthdates, phone numbers and other information from 24.6 million PC games accounts may have been stolen from its servers as well as an “outdated database” from 2007.

    Sony executives apologized on Sunday and said the company would gradually restart the PlayStation Network with increased security and would offer some free content to users, pleasing a number of its users.

  • Sony Executives Apologize For Security Breach in Playstation Network

    // Gradly // blog, Consoles, News, PS3, Scandal, Sony No Responses

    Sony executives bowed in apology for a security breach in the company’s PlayStation Network that compromised the personal data of some 77 million accounts on the online service, said the Associated Press.

    “We deeply apologize for the inconvenience we have caused,” said Kazuo Hirai, chief of Sony Corp.’s PlayStation video game unit, who was among the three executives who held their heads low for several seconds at the company’s Tokyo headquarters in the traditional style of a Japanese apology.

    Hirai said parts of the service would be back this week and that the company would beef up security measures. But he and other executives acknowledged that not enough had been done in security precautions, and promised that the company’s network services were under a basic review to prevent a recurrence.

    Hirai said the FBI and other authorities had been contacted to start an investigation into what the company called “a criminal cyber attack” on Sony’s data center in San Diego, California.

    Sony said account information, including names, birth dates, email addresses and log-in information, was compromised for players using its PlayStation Network. Hirai asked all users to change their passwords.

    He said data from 10 million credit cards were believed to be involved, and that Sony still does not know whether information was stolen.

    Sony has added software monitoring and enhanced data protection and encryption as new security measures, he said. The company said it would offer “welcome back” freebies such as complimentary downloads and 30 days of free service around the world to show remorse and appreciation.

    According to Sony, of the 77 million PlayStation Network accounts, about 36 million are in the U.S. and elsewhere in the Americas, while 32 million are in Europe and 9 million in Asia, mostly in Japan.