Hackers scan 93,000 Sony accounts for reused passwords

Powered by SC Magazine
 

Accounts locked.

Hackers has frozen 93,000 accounts after attackers attempted to access them using hacked usernames and passwords.

Tests were run against accounts held by Sony Entertainment Network (SEN), PlayStation Network (PSN) and Sony Online Entertainment (SOE) services to determine if a massive set of stolen identities and passwords were reused by customers.

Sony CISO Philip Reitinger said attempts appeared to include data obtained "from one or more compromised lists from other companies, sites or other sources".

The company determined that "the overwhelming majority of the pairs resulted in failed matching attempts; it is likely the data came from another source and not from our networks".

About one per cent of PSN and SEN accounts were thought to have been accessed. Sony had temporarily locked and reset passwords for the accounts.

“Only a small fraction of these 93,000 accounts showed additional activity prior to being locked. We are currently reviewing those accounts for unauthorised access and will provide more updates as we have them," Reitinger said.

He said credit card numbers linked to accounts were not at risk.

Sophos senior technology consultant Graham Cluley said the silver lining for Sony is that this breach appeared smaller than the attacks that hit it earlier this year.

“That suggests that the accounts which were broken into were using a non-unique password. In other words, you were using the same password on the Sony PlayStation Network as you were on website X,” he said.

This article originally appeared at scmagazineuk.com

Although Reitinger said that less than 1 per cent of the network's users may have

Copyright © SC Magazine, US edition


Hackers scan 93,000 Sony accounts for reused passwords
 
 
 
Top Stories
ATO shaves $4m off IT contractor panel
Reform cuts admin burden, introduces KPIs.
 
Turnbull introduces data retention legislation
Still no definition of metadata to be stored.
 
Crime Commission prepares core systems overhaul
Will replace 30 year-old national criminal database.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  27%
 
Sourcing and strategy
  13%
 
IT infrastructure (servers, storage, networking)
  21%
 
End user computing (desktops, mobiles, apps)
  14%
 
Software development
  25%
TOTAL VOTES: 438

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  54%
 
No
  46%
TOTAL VOTES: 210

Vote