April, 2011: PSN and Sony Online Entertainment Data Breach

2011-05-10T15:55:08
ID THREATPOST:4273C605E17F98652003D0ED0A1FCFC5
Type threatpost
Reporter Chris Brook
Modified 2018-07-02T21:19:49

Description

For a company already bloodied by bad press over its pursuit of
console hackers, its DRM rootkit and laptop battery recalls in 2006 and
2008, you wouldn’t think things could get worse for Sony. Then came the
April 20th, 2011 shuttering of its PlayStation Network online gaming
network following what Sony termed an “external intrusion.”
As in previous incidents, Sony’s handling of the breach set it up for
criticism: the company kept mum about the extent of the breach for more
than a week before answering key questions about it – such as whether
account holder data was stolen (it was) or whether stored credit card data was encrypted (it was).
Despite the company’s efforts to do damage control, the weeks since
have brought a drip, drip, drip of bad news, with Sony forced to reverse
earlier statements that its Station.com network wasn’t affected by the
breach, which is now believed to affect up to 100 million customers.