I pulled a real late night last night – 1 am PST and I turned in for the night. Thankfully I remembered to sleep, because I find out that the Sony Playstation breach is apparently being repeated –
SOE MAINTENANCE In Progress
Dear Valued SOE Customers,
We have had to take the SOE service down temporarily. In the course of our investigation into the intrusion into our systems we have discovered an issue that warrants enough concern for us to take the service down effective immediately. We will provide an update later today (Monday).
We apologize for any inconvenience and greatly appreciate your patience.
There’s no way they took that down at 3:30 am as part of some kind of simple maintenance. Something really had to have gone wrong. And supposedly, it has, per Engadget :
Sony Online Entertainment has, apparently, been the victim of another breach that has, according to Nikkei.com, resulted in the release of 12,700 credit card numbers — and presumably some other information as well. 4,300 of those credit card numbers are said to be Japanese, but no saying how many are American. Thankfully, data is said to be from 2007, minimizing the number of still-valid credit cards exposed
Well, I have my credit hardened so I’m not panicking yet. My habit of lying to every website which asks for personal information might pay off in this case – most likely Sony doesn’t know who I am except in the context of billing information. Here’s hoping that the site reopens soon and we get some kind of an explanation as to what’s going on.
I just wish *this* connection was secure enough that I felt good about checking my credit card. It’ll have to wait another 2 1/2 hours until I get home.
Customer Service Notification
May 2, 2011
Dear Valued Sony Online Entertainment Customer:
Our ongoing investigation of illegal intrusions into Sony Online Entertainment systems has discovered that hackers may have obtained personal customer information from SOE systems. We are today advising you that the personal information you provided us in connection with your SOE account may have been stolen in a cyber-attack. Stolen information includes, to the extent you provided it to us, the following: name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password.
Customers outside the United States should be advised that we further discovered evidence that information from an outdated database from 2007 containing approximately 12,700 non-US customer credit or debit card numbers and expiration dates (but not credit card security codes) and about 10,700 direct debit records listing bank account numbers of certain customers in Germany, Austria, Netherlands and Spain may have also been obtained – we will be notifying each of those customers promptly.
There is no evidence that our main credit card database was compromised. It is in a completely separate and secured environment.
We had previously believed that SOE customer data had not been obtained in the cyber-attacks on the company, but on May 1st we concluded that SOE account information may have been stolen and we are notifying you as soon as possible.
We apologize for the inconvenience caused by the attack and as a result, we have:
1) Temporarily turned off all SOE game services;
2) Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and
3) Quickly taken steps to enhance security and strengthen our network infrastructure to provide you with greater protection of your personal information.
We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.
So it’s not my credit card info, presumably. My password needs changing, but that should be it. Hope all the international folks are safe with their money, and their accounts. Sounds like I’m not getting back into the game for weeks again though.