Sony locks out users after another hacking attack

Sony’s suspended over 93,000 user accounts after another major attack on the company’s systems.

Hackers attempted to test an enormous set of sign-in IDs and passwords against the company’s network database, which relates to users of the PlayStation Network, Sony Entertainment Network and other networks run by Sony Online Entertainment.

Sony says the log-ins being used by the hackers don’t come from inside the company, as they’re largely inaccurate – the vast majority of sign-in attempts failed, it says.

“Less than one tenth of one percent of our PSN, SEN and SOE audience may have been affected,” says Philip Reitinger, SVP and chief information security officer, on the company blog.

“There were approximately 93,000 accounts globally (PSN/SEN: approximately 60,000 accounts; SOE: approximately 33,000) where the attempts succeeded in verifying those accounts’ valid sign-in IDs and passwords, and we have temporarily locked these accounts.”

He says users’ credit card details aren’t at risk.

Those users who now find themselves locked out will receive an email from the company telling them how to get their account details validated.

“As a preventative measure, we are requiring secure password resets for those PSN/SEN accounts that had both a sign-in ID and password match through this attempt,” says Reitinger.

“Similarly, the SOE accounts that were matched have been temporarily turned off. If you are among the small group of affected SOE customers, you will receive an email from us at the address associated with your account that will advise you on next steps in order to validate your account credentials and have your account turned back on.”

The attempts were made between October 7 and October 10 – meaning that the company’s alerted users within days. The move implies that Sony’s learned its lesson: when the PSN network was hacked by LulzSec earlier this year, the company was heavily criticized for keeping it secret for a week.