Sony has been forced to remove the stolen names and partial addresses of 2,500 sweepstakes contestants posted on a hacked website owned by the Japanese-based corporation.
The data reportedly originated from customers who entered a product contest way back in 2001. Fortunately, the compromised list did not include credit card information, social security numbers or passwords.
“The website was out of date and inactive when discovered as part of the continued attacks on Sony,” a company spokesperson told Reuters.
The embarrassing attack comes just days after Sony CEO Howard Stringer issued an official apology over a series of security breaches which compromised the personal information of millions and unceremoniously downed the PlayStation Network.
“In the coming days, we will restore service to the networks and welcome you back to the fun,” said Stringer.
“I wanted to personally reach out and let you know that we are committed to serving you to the very best of our ability, protecting your information better than ever, and getting you back to what you signed up for – all the games and great entertainment experiences that you expect from Sony.”
Meanwhile, Sophos security analyst Chester Wisniewski noted that Sony “seemed to be living a nightmare” as hack and extract operations continued with no real end in sight.
“In an organization as large as Sony the hackers targeting them may be able to continue to find low hanging fruit. Un-patched old equipment at any of the various Sony subsidiaries could continue to embarrass Sony publicly,” Wisniewski explained.
“[Of course], Sony Playstation Network users are starting to get quite impatient as they await the return of the online gaming service… [Still], in this case Sony is certainly doing the right thing. It is better to be offline and identify what must be done to return the service to a secure state than to simply turn it back on and allow attackers to target even more data.”
Obviously, there is no word yet on when the PSN will be back up, as Sony spinner Patrick Seybold confirmed (on Friday) the company was still testing system security.
“As you’ve heard us say, our utmost priorities are the security of the network and ensuring your data is safe. We won’t restore the services until we can test the system’s strength in these respects… We apologize for the delay and inconvenience of this network outage,” he added.