Sony just can’t catch a break.
This morning, it was discovered that Sony Online Entertainment’s servers were down, and that all online services from the largest MMOs to the smallest Facebook games had been suspended. In light of Sony’s recent problems with the Playstation Network being used to steal user information and the resulting outage, this obviously merited some speculation. Now, Sony has announced the theft of data associated with 24.6 million Sony Online Entertainment accounts, including your “Name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password.”
The hackers also got away with information from an outdated, non-US credit card database: a total of 12,700 international credit card numbers and 10,700 direct debit records, including bank account numbers, of residents of Germany, Austria, the Netherlands and Spain.
Sony believes that the intrusion that took the information occurred sometime between April 16 and 17, which matches up nicely with the PSN hack. As Sony has repeated many times, the two networks are completely separate, which blurs the relationship between the two attacks. The theft was discovered only this morning as the company was investigating the details of the PSN hack, and the SOE service was promptly brought down.
To make up for the downtime, Sony will be providing an additional 30 days to any subscriptions, as well as an extra day for each day the services are down. It is also drafting a “make good” plan for its PS3 MMOs.
The company says it has plans to introduce complimentary assistance in enrolling “identity theft protection services” to all users affected by this attack, and will be forthcoming with details shortly.
This does not bode well for Sony. Not one little bit.