In a very disappointing and somewhat shocking turn of events, Sony’s VP & Chief Information Officer, Phillip Reitinger, just announced that approximately 93,000 PlayStation Network, Sony Entertainment Network, and Sony Online Entertainment accounts have been compromised today. According to their reports, they have just detected someone attempting to “test a massive set of sign-in IDs and passwords against our network database.” Now, before you go blaming Sony again, it’s not their fault – or so they claim.
“These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources. In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks.”
Assuming that this is true, we really should be praising Sony this time around. Not only did they successfully detect it, but they’ve also taken security measures to protect the affected accounts. If your account was affected, you can rest assured that your account is completely safe. Sony has temporarily locked all the jeopardized accounts. All of these will be required to have passwords reset securely via an email to the account’s associated email address.
Sony has also confirmed that no credit card credentials were lost, and only a miniscule amount of the accounts showed activity after the compromise happened. If your account was one of the most unfortunate ones, Sony will work with you to restore any unauthorized purchases to your account.
If you think your account has been compromised and you use the same password for your email address as your PSN, SEN, or SOE ID, you should immediately log in and change your password. Odds are those who have these lists are checking them against your email accounts too, and that is your only secure way of retaining your PSN, SEN, or SOE account! You should also change your password for any other site you have the same, or similar passwords for.
To read the full letter from Phillip Reitinger, click here.