Sony has in the last 24 hours locked down 93,000 network accounts after detecting a large number of failed sign-in attempts across their entertainment networks. This is most likely a brute-force hacking attempt whereby a large database of username and password pairs are tested against Sony’s network via an automated script in the hope that some will match.
In the brute-force attack, hackers succeeded in verifying 93,000 accounts’ valid sing-in IDs and passwords globally which were subsequently frozen by Sony. 60,000 of these accounts are PlayStation Network (PSN) and Sony Entertainment Network (SEN) accounts, while the remaining 33,000 are Sony Online Entertainment (SOE) accounts.
Only a “small fraction” of the 93,000 compromised accounts have shown additional activity prior to being locked. Sony is currently “reviewing” these.
The attack has affected a very small percentage of the PSN, SEN and SOE audience, about 0.1%, with Sony reassuring users that credit cards associated with hacked accounts are “not at risk”. As access was gained to only 0.1% of accounts globally, Sony believe that the database used in this attack must have originated from another source, and not from a previous network breach at Sony.
All 93,000 users affected by this latest attack will be required to reset their account passwords and will be notified by email with instructions in due course.
Image courtesy of beleam on Flickr