Complete Story on Hacked PlayStation Network
On 21st April some users reported failure to login on PlayStation Network, shortly after the first reports it was noticed that whole PSN was down and nobody had a clue about the reason. Sony on 24th April after three days of network failure announced in a press release that an ‘external intrusion’ caused the issue forcing Sony to take both PSN and Qriocity offline.
An external intrusion on our system has affected our PlayStation Network and Qriocity services. In order to conduct a thorough investigation and to verify the smooth and secure operation of our network services going forward, we turned off PlayStation Network & Qriocity services on the evening of Wednesday, April 20th. Providing quality entertainment services to our customers and partners is our utmost priority. We are doing all we can to resolve this situation quickly, and we once again thank you for your patience. We will continue to update you promptly as we have additional information to share.
We sincerely regret that PlayStation Network and Qriocity services have been suspended, and we are working around the clock to bring them both back online. Our efforts to resolve this matter involve re-building our system to further strengthen our network infrastructure. Though this task is time-consuming, we decided it was worth the time necessary to provide the system with additional security.
Sony had no idea about the severity of the situation at that time, the whole PSN was down. In the meanwhile people who had PSN accounts were worried about their Credit Card data and personal information they provided on PSN which was rumored to be stolen after this hack attack.
The worst thing about which people were worried happened and Sony on 27th April announced that some PSN and Qriocity accounts have indeed been compromised between April 17th and 19th with users’ names, addresses, birthdays and possibly even credit card details finding their ways into the hands of the bad guys. Email addresses as well as PSN usernames have also been accessed.
Sony asked their PSN user to keep an eye on their credit card usage, in a press release Sony said:
Valued PlayStation Network/Qriocity Customer:
We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network. In response to this intrusion, we have:
- Temporarily turned off PlayStation Network and Qriocity services;
- Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and
- Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.
We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.
Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.
For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.
To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports.
On 29th April, this story took a weirdly worst turn when some unknown hacker putted Sony’s database with every user’s Personal Information + Credit Card Information up for sale. He even offered to sell the details back to Sony themselves. This information not only included Credit Card number but CCV numbers of more than 70Million PSN users. Sony failed ROYALLY this time.
PSN users were also worried about their “saved games” data, but Sony assured that they will re-sync their “saved game” after making PSN go live again. With all this going on Sony with the help of FBI started a criminal investigation against hackers who intruded PSN . On 1st May Ars Technica reported they Sony is planning to compensate users, they said:
“To thank players for their patience, we will be hosting special events across our game portfolio,” SOE said in a statement. “We are also working on a ‘make good’ plan for players of the PS3 versions of DC Universe Online and Free Realms. Details will be available soon on the individual game websites and forums.”
The same goes for PSN as a whole and streaming service Qriocity. Seybold said that Sony is “evaluating ways to show appreciation” to users for the downtime, but specifics as to how that will be done are currently unavailable.
This report was confirmed on 2nd May when Sony updated everyone on PSN status, Sony said that they will bring some services of PSN and Qriocity back live in a week. The delay in returning service is to give the company time to install new security in order to prevent any further intrusions.
Sony’s Executive Deputy President Kazuo Hirai said:
“Our global audience of PlayStation Network and Qriocity consumers was disrupted. We have learned lessons along the way about the valued relationship with our consumers, and to that end, we will be launching a customer appreciation program for registered consumers as a way of expressing our gratitude for their loyalty during this network downtime, as we work even harder to restore and regain their trust in us and our services.”
So what are we going by way of an apology? To be honest, not very much. PSN users will get a free 30-day subscription to Playstation Plus, Sony’s premium version of PSN as well as access to Qriocity for the same period. Existing subscribers will get the 30 days tagged onto their current subscription.
Free content will vary according to your geographical position, more details on this one month free PSN content+access would be made available soon.
We will keep you updated on this!