Sony has locked the PSN and SOE accounts of 93,000 users following a hacking attempt that saw hackers try to test a 'massive set of log-in IDs and passwords.' The company revealed the attempted breach in a blog post published last night. Philip Reitinger, SVP & Chief Information Security Officer at Sony Group, said that the data likely came from another source, and not from Sony's own networks.
"These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources," he said. "In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks. We have taken steps to mitigate the activity."
However, the hackers weren't totally unsuccessful. Reitinger said that there were roughly 93,000 accounts (60K on PSN/SEN and 33K on SOE) where the attackers succeeded in verifying valid sign-in IDs and passwords. Sony has locked those accounts and is reviewing them for unauthorized access. The company assured affected users that credit card numbers associated with their accounts are not at risk. He also explained that users will need to change their passwords.
"As a preventative measure, we are requiring secure password resets for those PSN/SEN accounts that had both a sign-in ID and password match through this attempt," Retinger said. "If you are in the small group of PSN/SEN users who may have been affected, you will receive an email from us at the address associated with your account that will prompt you to reset your password."
Affected SOE account holders will receive an email advising them on steps to take that will validate their account and switch it back on.