Sony Detects New Web Attack, 93,000 Accounts Are Locked Down
October 12, 2011 10:33 AM
Sony's new security chief appears to be orchestrating a more proactive response
Sony Corp.'s (
new SVP & Chief Information Security Officer
, Philip Reitinger, certainly has his work cut out for him. While beloved by many gamers, Sony is also loathed by many hackers for its such tactics as trying to
sue modders of legally purchased consoles into oblivion
and trying to get PSN users to
sign away their rights to sue Sony for negligence
That vehemence led to it getting mauled in a series of intrusions [
] this spring, which struck a massive blow
and in terms of reputation for the electronics giant.
on Monday that his staff had detected a major, concerted effort to attack Sony's online services -- the Sony Entertainment Network (SEN), the PlayStation Network (PSN) and Sony Online Entertainment (SOE). The new security chief accounts:
We want to let you know that we have detected attempts on Sony Entertainment Network, PlayStation Network and Sony Online Entertainment (“Networks”) services to test a massive set of sign-in IDs and passwords against our network database. These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources. In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks. We have taken steps to mitigate the activity.
The attacks appeared to use a large database of usernames and passwords, which Sony believes came from a third-party. Sony backs this hypothesis by point to the fact than only 0.1 percent of accounts appeared to have been compromised out of those where login was attempted.
While that's relatively good news for Sony, it still means that "93,000 accounts globally (PSN/SEN: approximately 60,000 accounts; SOE: approximately 33,000)" were compromised. As a precaution, Sony has locked down all of these accounts. The company will be issuing affected users an email, allowing them to reset their password.
Sony warns users that they should exercise common sense when making their passwords. Mr. Reitinger writes:
We want to take this opportunity to remind our consumers about the increasingly common threat of fraudulent activity online, as well as the importance of having a strong password and having a username/password combination that is not associated with other online services or sites. We encourage you to choose unique, hard-to-guess passwords and always look for unusual activity in your account.
The incidents appears to be the first major test of the new chief's mettle. He certainly has an impressive resume, having recently departed from a cybersecurity role in Obama administration. Previously he served as head of the
Department of Defense
and at the
Department of Justice
as the deputy chief of the
Computer Crime and Intellectual Property
division. Reitinger also served as an advisor to the
Federal Emergency Management Agency
(FEMA) on cybersecurity emergency management as a member of the FEMA Advisory Council while employed as a strategist for Microsoft, Corp. (
Meet Philip Reitinger, Sony's new security chief. [Source: Sony Rumors]
Thus far Sony appears to be responding much more quickly and much more definitively to his incident, compared to the confusion that swept it during the April and May attacks.
While it's hard not to find fault with Sony's management, if reports of
layoffs worsening the late spring attacks
are true, on the other hand it's equally hard to begrudge Sony for getting attacked this time around.
The fact of the matter is that if enough people don't like you online, there's always some large databases of leaked usernames/passwords floating around and these databases can be used for a direct attack as appears to be the case here. About the best a company can do to stop such an attack is to block the attacking IPs and lock down the affected accounts. And that appears to be exactly what Sony did.
"This week I got an iPhone. This weekend I got four chargers so I can keep it charged everywhere I go and a land line so I can actually make phone calls." -- Facebook CEO Mark Zuckerberg
Sony PS3 Update Tries to Force Customers to Sign Away Their Rights
September 16, 2011, 6:00 PM
Sony and Apple Look for Fresh Blood Amid Security Woes
September 6, 2011, 11:51 AM
PSN is at Last Back From the Dead in Japan
July 4, 2011, 8:23 PM
Facing Prison, PS3 Hacker Tells Sony: You'll Have to "Kill Me" to Silence Me
June 18, 2011, 7:10 PM
LulzSec Hacked? Nope. Sony Hacked Again? Yes, Twice.
June 6, 2011, 10:00 PM
Not All the High-Tech Jobs Are in California
August 4, 2016, 8:29 PM
Google's Gleaming Glass HQ Gets Mountain View Snub, LinkedIn Gets the Love
May 7, 2015, 6:58 AM
Tech's Tax Day Fortunate Few: Qualcomm, Xerox, GE, et al. Pay Little or No Taxes
April 15, 2015, 11:30 AM
LinkNYC Terminals to Blanket New York City With Free WiFi, Free Calls, and Ads
November 17, 2014, 6:50 PM
Microsoft is Open-Sourcing Most of .NET, Adding OS X and Linux Support
November 12, 2014, 8:27 PM
Home Depot Lost 53 Million Emails, Blames Windows, Buys Execs New Macs
November 9, 2014, 5:00 PM
Most Popular Articles
Surface Pro 5 Rumors - New Release Date and Price
April 22, 2017, 6:45 AM
ASUS RT-AC5300 – Ultimate Game & 4K Streaming
April 18, 2017, 7:45 AM
Dell Inspiron 17 7000 – A Premium Laptop featuring 7th Gen Intel Core i7 in a 2-in-1 Frame.
April 19, 2017, 7:45 AM
Meet the Smartphone with four cameras - Alcatel Flashphone
April 5, 2017, 11:20 AM
Vivo V5 Plus – the Selfie Softlight is on You.
April 17, 2017, 7:05 AM
Latest Blog Posts
Samsung Galaxy S8 – Warning for Pet Owners
Apr 24, 2017, 5:59 AM
Sound Bars and the Costs?
Apr 23, 2017, 6:30 AM
Link your Brain to Your Computer – In Four Years…Maybe
Apr 22, 2017, 7:03 AM
Google Home can now identify users by their voice.
Apr 21, 2017, 7:15 AM
Amazon Lex – Now Available for Developers.
Apr 20, 2017, 6:58 AM
You can now use Instagram offline on your Android Smartphone
Apr 19, 2017, 8:00 AM
Now you can livestream to YouTube from your mobile device.
Apr 18, 2017, 8:05 AM
Google Home – Is It a Spy Device?
Apr 17, 2017, 7:30 AM
Apple added to self –driving test permit list
Apr 15, 2017, 6:21 AM
Project Scorpio – Coming on June 11
Apr 14, 2017, 6:20 AM
Looks Like Samsung Has Been Forgiven.
Apr 13, 2017, 6:50 AM
United Airlines - Blasted on China’s Social Network and the Stock Market
Apr 12, 2017, 6:50 AM
Amazon's Third-Party Sellers Hacked
Apr 11, 2017, 6:25 AM
Microsoft Surface Pro5 Details Revealed
Apr 9, 2017, 6:41 AM
Own An Android Phone? Then you could be hacked over Wi-FI
Apr 7, 2017, 6:47 AM
Apple confirms iOS 10.3 bug and its effect on iCloud Services
Apr 6, 2017, 6:30 AM
Apple Rolls Out New Version of Apple Music
Apr 5, 2017, 10:35 AM
Apple in the News
Apr 4, 2017, 9:03 AM
Apple iPhones Will Soon Feature Graphics Chips Designed BY Apple
Apr 3, 2017, 6:23 AM
AMD Ryzen Desktop Processors Performance
Apr 2, 2017, 6:30 AM
What makes a camera Lensless?
Apr 1, 2017, 7:45 AM
Google halts Android Wear 2.0 Update Due to Bug
Mar 31, 2017, 7:27 AM
More Blog Posts
Copyright 2017 DailyTech LLC. -
Terms, Conditions & Privacy Information