Today is May 17, almost exactly a month after the massive breach of Sony’s PSN network. If you live in North America then you may be pleased to know that the Playstation network has finally come back online. Due to the enormous amount of subscribers to the service, the restart has been a bit shaky, with reports of password reset emails clogging ISP mail servers. Despite the hiccups, it seems that the service is gradually returning.
If you are a customer of the Sony service, you will need to immediately change your password as well as install a firmware update to your system. Sony has pledged a much stronger security environment to its customers and partners, and this appears to be the beginning of many changes. Sony has previously stated that they have rebuilt the entire network from scratch and moved their PSN infrastructure to a new data center in an undisclosed location. I’m not sure why this emphasis on security wasn’t a focus of the original model, but maybe Sony can prevent future mishaps. Perhaps all the additional outside scrutiny will help, but only time will tell.
With the return of its online services Sony is offering a “welcome back” package to its customers. The details vary by region, but it generally consists of two free games, some time-limited free access to premium services, and some free game related content. Is this enough? Customers appear to be flocking back to the online service in droves. At this time there are no reports of any of the customers leaked data being used against them. As the breach is so recent, it may take some time for criminals to make use of the data.
Here at Kaspersky Lab we recommend that you always use strong passwords, and use only one per site. Keep a close eye on any emails alleging that they are from Sony or its affiliates, especially if they ask for any personal details. Additionally, if you had entered any credit card information into the online service, now is the time to pay extra attention to any charges or strange activity or perhaps consider cancelling altogether. Sony has promised to offer credit monitoring services to its customers where available, and it would be in your best interest to take advantage of this. Hopefully the size and scope of this breach will work as a wake-up call to other online services with such large databases of personal information to take better care of their most important resource; their customers.