Hackers scan 93,000 Sony accounts for reused passwords

Powered by SC Magazine
 

Accounts locked.

Hackers has frozen 93,000 accounts after attackers attempted to access them using hacked usernames and passwords.

Tests were run against accounts held by Sony Entertainment Network (SEN), PlayStation Network (PSN) and Sony Online Entertainment (SOE) services to determine if a massive set of stolen identities and passwords were reused by customers.

Sony CISO Philip Reitinger said attempts appeared to include data obtained "from one or more compromised lists from other companies, sites or other sources".

The company determined that "the overwhelming majority of the pairs resulted in failed matching attempts; it is likely the data came from another source and not from our networks".

About one per cent of PSN and SEN accounts were thought to have been accessed. Sony had temporarily locked and reset passwords for the accounts.

“Only a small fraction of these 93,000 accounts showed additional activity prior to being locked. We are currently reviewing those accounts for unauthorised access and will provide more updates as we have them," Reitinger said.

He said credit card numbers linked to accounts were not at risk.

Sophos senior technology consultant Graham Cluley said the silver lining for Sony is that this breach appeared smaller than the attacks that hit it earlier this year.

“That suggests that the accounts which were broken into were using a non-unique password. In other words, you were using the same password on the Sony PlayStation Network as you were on website X,” he said.

This article originally appeared at scmagazineuk.com

Although Reitinger said that less than 1 per cent of the network's users may have

Copyright © SC Magazine, US edition


Hackers scan 93,000 Sony accounts for reused passwords
 
 
 
Top Stories
Earning the right to innovate
Breaking down the barriers to innovation is a long, but rewarding process, says Bank of Queensland Group CIO, Julie Bale.
 
A call for timely reporting
[Blog post] Businesses need incentives to keep customer data secure.
 
Doubts cast on Queensland's ICT Dashboard
Opposition, former Govt CIO say it can't be trusted.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  26%
 
Application integration concerns
  3%
 
Security and compliance concerns
  29%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  23%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  5%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 832

Vote