/ 12 October 2011

Hack-weary Sony puts 93 000 online accounts on ice

Sony said Wednesday it suspended 93 000 accounts on its online entertainment networks after a large number of unauthorised sign-in attempts, months after a huge breach forced it to halt some services.

The attempts took place between October 7 and 10 and succeeded in verifying valid sign-in IDs and passwords of about 93 000 accounts on its PlayStation Network, Sony Entertainment Network and Sony Online Entertainment services.

Sony said credit card details associated with those accounts were not at risk as a result of the access attempts.

The breaches “appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or sources”, Sony said, adding that “these were unauthorised attempts to verify valid user accounts on our services using very large sets of sign-in IDs and passwords.”

The entertainment giant has temporarily locked the accounts and is continuing investigations into the extent of unauthorised activity.

It said it would notify affected account holders to advise them to reset their passwords.

The company added that “less than one tenth of one percent” of consumers across the three networks may have been affected.

“Only a small fraction of these 93 000 accounts showed additional activity prior to being locked. We are continuing to investigate the extent of unauthorised activity on any of these accounts,” Sony said.

The entertainment giant has been battling to restore consumer trust after a data breach in April compromised more than 100-million online accounts, forcing it to temporarily shut down its PlayStation Network and Qriocity music services.

The company faced criticism for not disclosing the intrusion into its PlayStation Network until a week after it discovered the breach.

The system was launched in 2006, allowing gamers to compete online, stream movies and access other services via the Internet.

Sony later suffered attacks on websites including in Greece, Thailand and Indonesia.

In a separate attack, a group of hackers known as Lulz Security in June said they had compromised more than one million passwords, email addresses and other information from SonyPictures.com.

The maker of PlayStation games consoles fully restored its related network and Qriocity services in June and July after pledging to boost the overall security infrastructure.

Analysts say such breaches threaten to further damage Sony’s brand image and undermine its efforts to link its gadgets to an online “cloud-based” network of games, movies and music that relies on consumer confidence in their security.

The attacks hit the company as it looks to recover from the impact on production of Japan’s March 11 earthquake, with it facing additional costs for security upgrades and compensating consumers.

However Sony shares were higher in Tokyo trade Wednesday, rising 1.13%.