Hackers scan 93,000 Sony accounts for reused passwords

Powered by SC Magazine
 

Accounts locked.

Hackers has frozen 93,000 accounts after attackers attempted to access them using hacked usernames and passwords.

Tests were run against accounts held by Sony Entertainment Network (SEN), PlayStation Network (PSN) and Sony Online Entertainment (SOE) services to determine if a massive set of stolen identities and passwords were reused by customers.

Sony CISO Philip Reitinger said attempts appeared to include data obtained "from one or more compromised lists from other companies, sites or other sources".

The company determined that "the overwhelming majority of the pairs resulted in failed matching attempts; it is likely the data came from another source and not from our networks".

About one per cent of PSN and SEN accounts were thought to have been accessed. Sony had temporarily locked and reset passwords for the accounts.

“Only a small fraction of these 93,000 accounts showed additional activity prior to being locked. We are currently reviewing those accounts for unauthorised access and will provide more updates as we have them," Reitinger said.

He said credit card numbers linked to accounts were not at risk.

Sophos senior technology consultant Graham Cluley said the silver lining for Sony is that this breach appeared smaller than the attacks that hit it earlier this year.

“That suggests that the accounts which were broken into were using a non-unique password. In other words, you were using the same password on the Sony PlayStation Network as you were on website X,” he said.

This article originally appeared at scmagazineuk.com

Although Reitinger said that less than 1 per cent of the network's users may have

Copyright © SC Magazine, US edition


Hackers scan 93,000 Sony accounts for reused passwords
 
 
 
Top Stories
How hard do you hack back?
[Blog post] Taking the offensive could have unintended consequences.
 
Five zero-cost ways to improve MySQL performance
How to easily boost MySQL throughput by up to 5x.
 
The big winners from Defence’s back-office IT refresh
Updated: The full list of subcontractors.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  68%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  12%
TOTAL VOTES: 1015

Vote