Sony's PlayStation Network, the infrastructure that allows PS3 owners to play online games, as well as buy movies and other downloadable, has been iniltered by unknown hacker, and the customer details up to 77 million users have been compromised. This happened between 17th and 19th of April, when Sony realised there have been unauthoriesed intrusion on the PlayStation Network and Qriocity services. The company shut the services down and undertook an investigation.
Security analysts said that the problem may mean that hackers have uncovered a fundamental flaw in Sony's networks which will be expensive and time-consuming to fix. The company has suggested that an "unauthorised person" carried out the attack against its servers, during which usernames, passwords, credit card details, security answers, purchase history and addresses are believed to have been stolen.The precise method by which the hacker broke into the systems has not been revealed, though earlier this year the encryption around the PlayStation 3 was cracked. That would have made software piracy on the PS3 simpler, but it's not clear if it would have enabled the wider break-in.
Security analysts said that the problem may mean that hackers have uncovered a fundamental flaw in Sony's networks which will be expensive and time-consuming to fix. The company has suggested that an "unauthorised person" carried out the attack against its servers, during which usernames, passwords, credit card details, security answers, purchase history and addresses are believed to have been stolen.The precise method by which the hacker broke into the systems has not been revealed, though earlier this year the encryption around the PlayStation 3 was cracked. That would have made software piracy on the PS3 simpler, but it's not clear if it would have enabled the wider break-in.
The Anonymous activist group, which had criticised Sony over its legal threats to people who exploited the encryption crack, when the PSN went down, quickly announced it had nothing with it. But many think that the message left open the possibility that individuals from the group might be responsible. "While it could be the case that other Anons have acted by themselves AnonOps was not related to this incident and takes no responsibility for it," the statement said. It accused Sony of taking advantage of previous attacks on its network to explain an internal problem with company servers.
Having user emails and passwords could lead malicious users to steal all sorts of other personal details, especially because many people use the same password on multiple sites – a security failing caused by the problem of remembering multiple different logins.
Sony has produced an FAQ to inform gamers about the security breach. It reiterates the huge extent of the intrusion: names, addresses, birthdates, PSN passwords and credit card numbers for any of the network's 77 million customers who provided such information may have been acquired.
With thousands of gamers livid that their details have been compromised, the Sony FAQ does briefly address the question of refunds on subscriptions and purchases: "When the full services are restored and the length of the outage is known, we will assess the correct course of action."
Ni komentarjev:
Objavite komentar