After a long service black out Sony reported yesterday that their PSN gamer network has been compromised. Sony further admitted that all kinds of user data had become available to an unknown attacker. Some of the personal details available to the attackers include your name, address, and email address, date of birth, PSN login name and password. In fact even password security answers may have been obtained. In addition to these items Sony stated “While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility.” Sony does not speculate on when their network may come back online but states that they are rebuilding it, and undergoing external security audits.
Console gaming on platforms such as the Playstation and XBOX are incredibly successful in large part due to the networks behind them. Users can purchase games, content, and access to third party services such as Netflix. While it’s not clear what methods were used to compromise the Playstation network, it is evident that attackers are taking an interest in some new avenues for gathering personal information. It is also evident in this case that Sony did not make enough effort to secure user data.
This is new evidence that attackers are becoming increasingly interested in alternate sources of personal information. Console networks are largely trusted due to the fact that they haven’t had the security history of websites and personal computers.
If you are a PSN member we highly recommend keeping an eye on your credit card info for signs of fraud. We further recommend that any passwords used on the PSN network that may have been reused elsewhere get changed immediately. Additionally be alert for any email purporting to be from Sony or its affiliates requesting any personal information.