ie8 fix
madison

Hardware 2.0

Adrian Kingsley-Hughes
Home / News & Blogs / Hardware 2.0

Sony Online Entertainment portal breached, more financial information in hands of hackers

By | May 3, 2011, 3:48am PDT

Yesterday it emerged that the Sony Online Entertainment portal had been taken down due to an intrusion. Today it emerges that this hack has resulted in the disclosure of more financial information to hackers.

Here’s the scale of the breach:

  • 24.6 million SOE accounts may have been stolen
  • Information from an outdated database from 2007

The 24.6 million accounts consisted of:

  • Names
  • Addresses
  • E-mail addresses
  • Birthdays
  • Gender
  • Phone numbers
  • Login names
  • Hashed passwords

Basically, the sort of stuff that could be used to commit identity theft.

This outdated database contained:

  • Approximately 12,700 non-U.S. credit or debit card numbers and expiration dates (but not credit card security codes)
  • About 10,700 direct debit records of certain customers in Austria, Germany, Netherlands and Spain (bank account numbers, customer name, account names, customer addresses)

 This is all bad stuff.

While Sony has gone on record to say that it will give PlayStation Network and Qriocity free stuff, but I think we’re beyond that just now, and that Sony should offer all affected customers a subscription to a fraud protection service. Sure, it’ll cost Sony some coin, but it would be the right thing to do given the scale of this mess.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Hardware 2.0”

Topics

Sony Corp., Financial, Credit Card, Adrian Kingsley-Hughes, Hacker, Financial Information, Financial Accounting, Finance

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology.

Disclosure

Adrian Kingsley-Hughes

All opinions expressed on Hardware 2.0 are those of Adrian Kingsley-Hughes. Every effort is made to ensure that the information posted is accurate. If you have any comments, queries or corrections, please contact Adrian via the email link here. Any possible conflicts of interest will be posted below. [Updated: February 23, 2010] - Adrian Kingsley-Hughes has no business relationships, affiliations, investments, or other actual/potential conflicts of interest relating to the content posted so far on this blog.

Biography

Adrian Kingsley-Hughes

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology -- whether that be by learning to program, building a PC from a pile of parts, or helping them get the most from their new MP3 player or digital camera.

Adrian has authored/co-authored technical books on a variety of topics, ranging from programming to building and maintaining PCs. His most recent books include "Build the Ultimate Custom PC", "Beginning Programming" and "The PC Doctor's Fix It Yourself Guide". He has also written training manuals that have been used by a number of Fortune 500 companies.

Adrian also runs a popular blog under the name The PC Doctor, where he covers a range of computer-related topics -- from security to repairing and upgrading.

8
Comments
Add Your Opinion

Join the conversation!

Just In

Crushing the RFID Chip
Zorched 3rd May 2011
@KBot
I crush all the RFID chips in any credit cards I receive. It only takes about 20 buck worth of hardware to create a scanner that you can then walk through a store and gather numbers, but the credit indistry still doesn't protect this information well enough.

Look for the raised section of the credit card near or under the blink symbol. It will look like a small square. Take a torx scriver (I use t-25), place it over the center of that square and take a hammer and strike it with just enough force to leave a slight impression in the plastic. This should be enough to shatter the RFID. Then next time you're in a store, try it with a transaction and see if it worked. If it still registers, then you didn't find the square right or you didn't hit it hard enough.
View in thread
0 Votes
+ -
RE: Sony Online Entertainment portal breached, more financial information in hands of hackers
statuskwo5 3rd May 2011
Somebody really must hate Sony.
0 Votes
+ -
RE: Sony Online Entertainment portal breached, more financial information in hands of hackers
Rick_K 3rd May 2011
This is why I only use pre-paid cards for online transactions. Never and I mean Never use your personal credit/debit card for online transactions.
0 Votes
+ -
RE: Sony Online Entertainment portal breached, more financial information in hands of hackers
KBot 3rd May 2011
@Rick_K
There's only so much you can do. Do you have all of your credit/debit cards in an RF shielded wallet? because a lot of cards these days contain RF ID which can make stealing your credit card info very easy.
0 Votes
+ -
RE: Sony Online Entertainment portal breached, more financial information in hands of hackers
KBot 3rd May 2011
@Rick_K
There's only so much you can do. Do you have all of your credit/debit cards in an RF shielded wallet? because a lot of cards these days contain RF ID which can make stealing your credit card info very easy.
0 Votes
+ -
RE: Sony Online Entertainment portal breached, more financial information in hands of hackers
Rick_K 3rd May 2011
@KBot
Fortunately at this time, my cards do not have RFID chips in them, as they are a few years old. But when the new ones are sent, I will look into doing just that. I personally think that using RFID chips has a few to many drawbacks.
0 Votes
+ -
Crushing the RFID Chip
Zorched 3rd May 2011
@KBot
I crush all the RFID chips in any credit cards I receive. It only takes about 20 buck worth of hardware to create a scanner that you can then walk through a store and gather numbers, but the credit indistry still doesn't protect this information well enough.

Look for the raised section of the credit card near or under the blink symbol. It will look like a small square. Take a torx scriver (I use t-25), place it over the center of that square and take a hammer and strike it with just enough force to leave a slight impression in the plastic. This should be enough to shatter the RFID. Then next time you're in a store, try it with a transaction and see if it worked. If it still registers, then you didn't find the square right or you didn't hit it hard enough.
0 Votes
+ -
RE: Sony Online Entertainment portal breached, more financial information in hands of hackers
KBot 3rd May 2011
If the information is expired it should be removed from their network. They really dropped the ball on this one.
0 Votes
+ -
yawn with qualifications
caburlingame 3rd May 2011
Name, email address, phone number, birthday, gender, physical address are for all but the most obscure personalities already pretty readily available. I'm afraid I don't see why this is important. I am, however, interested in being educated. So let me phrase this as a question: Given this sort of data is already available to any stalkerish or generally shady character, easily bought or found in particular or in bulk, why is this a big deal?

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix
Click Here
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix