The hits just keep on coming for Sony. Even as the PlayStation Network remains down, and fans are taunted by the frustratingly inaccurate greeting “PlayStation Network is currently undergoing maintenance”, Sony Online Entertainment has announced that while investigating the intrusions from last month that crippled their sister company, it discovered some issues of its own.
“We have had to take the SOE service down temporarily. In the course of our investigation into the intrusion into our systems we have discovered an issue that warrants enough concern for us to take the service down effective immediately. We will provide an update later today (Monday). We apologize for any inconvenience and greatly appreciate your patience,” the SOE website reads.
The SOE and PSN are run on completely separate servers, so it was originally thought that the attacks that crippled PSN online service–which reaches 77 million users–would have no connection to SOE. Even as the news of credit card information being compromised was released, SOE, which also stores credit card information in order to charge monthly subscription fees for many of its online games, was thought to be unaffected.
Over the weekend, Sony President and CEO, Kaz Hirai, officially addressed the situation and promised that Sony would make moves to ensure that this kind of disruption will not happen again. Of the 77 million users, as many as 10 million people may have had their credit card information taken, which makes the announcement from SOE, and the subsequent shut down of its servers, all the more alarming.
Obviously this won’t further effect PSN users. There is only so “down” a network can be, so games like DC Online, an MMORPG that Sony celebrates as a PS3 exclusive, have already been inaccessible due to the outages. SOE’s move will, however, make the PC version of DC Universe, as well as other PC games like Everquest II and Star Wars Galaxies inaccessible.
[Update: SOE has issued a statement regarding the situation]
It appears that SOE have confirmed that user data has been compromised, and are “advising you that the personal information you provided us in connection with your SOE account may have been stolen in a cyber-attack.” There is, however, no evidence that credit card information has been stolen.
According to SOE’s website, all of the “impacted account holders whose customer data may have been stolen as a result of an illegal intrusion on our systems” will soon be receiving an email explaining what has happened, and outlining ways for users to protect themselves.
The press release states:
-Stolen information includes, to the extent you provided it to us, the following: name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password.
-There is no evidence that our main credit card database was compromised. It is in a completely separate and secured environment.
-We had previously believed that SOE customer data had not been obtained in the cyber-attacks on the company, but on May 1st we concluded that SOE account information may have been stolen and we are notifying you as soon as possible.
The press release further warns against possible phishing scams, and reiterates that Sony will never ask for personal information. You can read the full press release here.
