Sony's password resets bleed from EU into US

Summary:Company says "irregular activity" prompted pro-active moves

Citing "irregular activity," Sony Monday reset an undisclosed number of passwords on U.S.-based user accounts on its PlayStation Network.

Sony PlayStation password hack EU US
Sony reset some user passwords for PlayStation Network users in the US and EU saying it had detected "irregular activity" on the network.

The move comes less than a week after Sony did a similar password reset on an undisclosed number of PlayStation Network (PSN) accounts in the European Union (EU).

"If you are getting an error that your PSN account password is incorrect, you may need to reset it," read a post from a PlayStation moderator on a Sony community forum. "We routinely monitor for irregular activity, and if such activity is detected, we may sometimes reset passwords of affected SEN [Sony Entertainment Network] accounts to protect consumers and their account information." SEN offers video, music and games to its users.

Sony has reason to be concerned as its networks, and user passwords, previously have been targets of hackers, and the company has endured hefty mitigation costs.

The message aimed at U.S. users mirrored an earlier alert targeted to EU customers.

"We monitor PSN account for any irregular activity. If such activity is detected we will sometimes reset passwords. This was done purely as precautionary measure and there was no specific evidence that any accounts had be compromised,' wrote a Sony online support coordinator on the PlayStation Forum Nov. 20.

The phrase "purely as precautionary measure" was highlighted in boldface type.

The alert went on to say: "Only a small number of users were affected by this and as I said this was precautionary so there is nothing specific to worry about. I can't provide any further details as this would affect out ability to keep you guys safe."

In each case, Sony did not detail the activity it detected on its network or exact numbers of those affected.

Less than two weeks ago, Sony launched the new PlayStation 4 in the U.S., an event that came just a week before competitor Microsoft launched its new console, Xbox One. PlayStation 4 launches this Friday in the EU.

In April 2011, Sony reported 77 million user accounts had been stolen from its PlayStation Network and other online properties. At the time, the SANS Institute said the breach may be the largest theft of identity data information on record.

In May, the company reported the breach's pricetag at $171 million.

In October 2011, hackers again hit PlayStation Network and compromised 93,000 accounts.

Sony watchers and gamers have speculated the recent password resets were precautionary moves associated with the rollout of PlayStation 4.

Users prompted by Sony to change their passwords will need a PSN email address and the data of birth listed on their account in order to reset their password.

Topics: Security, Networking

About

John Fontana is a journalist focusing on access control, identity, privacy and security issues. Currently, he is the Identity Evangelist for strong authentication vendor Yubico, where he writes and edits a blog, as well as, directs several social media channels and represents Yubico at the FIDO Alliance. Prior to Yubico, John spent five y... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.