Sony Restores PSN but Gets Hit by Another AttackJune 4th, 2011 by Tanbir Leave a reply »
After a disastrous cyber attack that it suffered late April, which allowed hackers to access private data of over 77 million PlayStation Network users, the network is finally fully operational for US, European, and some Asian customers, including PlayStation Store access. It was already partially restored and brought up on May 15 when they enabled account management and online multiplayer gaming.
Japan, Hong Kong and South Korea are still off, however, pending government investigations of Sony’s security practices in those countries.
Sony has implemented what they believe to be considerable security upgrades, in addition to offering users a free identity theft protection package by AllClear ID which includes $1 million insurance for a period of 12 months. They’re also offering a “Welcome Back” package including a free PlayStation Plus subscription for a month with free game downloads.
Whether this will be enough to repair their damaged reputation is to be seen. Most gamers will likely fall into one of two categories. Some will have moved on to competitors such as Xbox, and others may sigh in relief that PSN is finally online so they can go back to online gaming.
Just as PSN is finally getting off the ground again. However, Sony was hit by a yet another major hacker attack, but this time it is their Sony Pictures division. A hacker group called LulzSec, which recently hacked into a PBS web site, accessed data on over one million users, including personal information such as email addresses, home addresses, birth dates, and all other data optionally provided by users.
They’ve also outed data on Sony admins, including passwords, as well as 75,000 music codes, and 3.5 million music coupons. Due to limited resources they are only releasing a portion of the data, but have linked to the vulnerability for others to verify, and suggested “plunder” of some of those 3.5 million coupons.
The stated motive behind the attack is apparently to teach Sony a lesson and question the trust people put in their services, since this compromise has been accomplished with a simple method (an SQL injection) again illustrating Sony’s lackluster security practices.
Of course, this doesn’t really justify publicly releasing personal information of customers who aren’t to blame for Sony’s bad security.
Thanks to tech-faq.com