Sony keeps it honest after latest security breach

Sony is saving face, and therefore customers, with a preemptive note to PlayStation Network members.
Written by Rachel King, Contributor

When Sony's PlayStation Network suffered a major, worldwide security breach, putting millions of people's identities at risk, one of the biggest complaints from customers was that Sony didn't say something sooner.

This time, Sony obviously learned a good lesson in PR and is being honest from the get-go.

In a note to PlayStation Network members, Sony’s chief information security officer Philip Reitinger wrote that there have been several attempts detected on the following services: the Sony Entertainment Network, the PlayStation Network and Sony Online Entertainment.

Specifically, these hackers tried to "test a massive set of sign-in IDs and passwords against our network database." It turned out that most of the matches failed and that the data probably came from a source other than Sony.

Nevertheless, less than one tenth of one percent of the PSN, SEN and SOE audience might have been affected, breaking down to approximately 93,000 accounts globally (PSN/SEN: approximately 60,000 accounts; SOE: approximately 33,000) where the attempts succeeded.

But Sony insists that credit card numbers are not at risk.

The full note is available on the official PlayStation blog, but here's an excerpt about Sony's strategy in this situation:

As a preventative measure, we are requiring secure password resets for those PSN/SEN accounts that had both a sign-in ID and password match through this attempt. If you are in the small group of PSN/SEN users who may have been affected, you will receive an email from us at the address associated with your account that will prompt you to reset your password.

Similarly, the SOE accounts that were matched have been temporarily turned off. If you are among the small group of affected SOE customers, you will receive an email from us at the address associated with your account that will advise you on next steps in order to validate your account credentials and have your account turned back on.

Based on the comments section below the post, the responses from PSN members are remarkably different in tone from what we saw in April -- and even what we've seen from customers of other companies following major announcements. (Seriously, have you seen the comments following Netflix CEO Reed Hastings's posts after the Qwikster debacle? Talk about rage and bitterness.)

Not this time. Instead, many commenters said thank you to Sony for being so upfront about the situation this time, no matter how much smaller it might be. Sony is finally being as transparent as it should have been in the first place, giving PSN members adequate time to react to what could be a very serious situation for some of them.

Sony just needs to keep us all posted from here on out.
