Hackers scan 93,000 Sony accounts for reused passwords

Powered by SC Magazine
 

Accounts locked.

Hackers has frozen 93,000 accounts after attackers attempted to access them using hacked usernames and passwords.

Tests were run against accounts held by Sony Entertainment Network (SEN), PlayStation Network (PSN) and Sony Online Entertainment (SOE) services to determine if a massive set of stolen identities and passwords were reused by customers.

Sony CISO Philip Reitinger said attempts appeared to include data obtained "from one or more compromised lists from other companies, sites or other sources".

The company determined that "the overwhelming majority of the pairs resulted in failed matching attempts; it is likely the data came from another source and not from our networks".

About one per cent of PSN and SEN accounts were thought to have been accessed. Sony had temporarily locked and reset passwords for the accounts.

“Only a small fraction of these 93,000 accounts showed additional activity prior to being locked. We are currently reviewing those accounts for unauthorised access and will provide more updates as we have them," Reitinger said.

He said credit card numbers linked to accounts were not at risk.

Sophos senior technology consultant Graham Cluley said the silver lining for Sony is that this breach appeared smaller than the attacks that hit it earlier this year.

“That suggests that the accounts which were broken into were using a non-unique password. In other words, you were using the same password on the Sony PlayStation Network as you were on website X,” he said.

This article originally appeared at scmagazineuk.com

Although Reitinger said that less than 1 per cent of the network's users may have

Copyright © SC Magazine, US edition


Hackers scan 93,000 Sony accounts for reused passwords
 
 
 
Top Stories
Photos: iTnews Benchmark Awards countdown begins
Just a few days left until entries close for 2014.
 
Australian Govt to rethink cyber security strategy
Six-year old policy to be refreshed.
 
The failure of the antivirus industry
[Blog post] Insights from AVAR 2014.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  5%
TOTAL VOTES: 1064

Vote