Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Intrusion Forces PlayStation Network Offline

PlayStation Network Hacked – Updated 04/24 8:55AM

PlayStation Network Hacked – Updated 04/24 8:55AM

After being offline for a majority of the last three days, Sony has come forward with an update regarding the status of its PlayStation Network, the platform that connects millions of PlayStation users for online play and content.

PlayStation Network Suffers IntrusionAfter a period of silence, and keeping millions of gamers itching to get answers on when they’d be back in action with online play, a Sony representative posted a note on Friday night, saying that its systems had suffered from an external intrusion that has affected the PlayStation Network and Qriocity services. (Qriocity is Sony’s streaming music and video service.)

The intrusion doesn’t appear to be what knocked out the service however, as Sony said it purposely “turned off the PlayStation Network & Qriocity services” on Wednesday night so it could conduct an investigation.

On Thursday, April 21, Patrick Seybold, Sr. Director, Corporate Communications & Social Media at Sony Network Entertainment, posted a generic message online, saying no more than, “We’re aware certain functions of PlayStation Network are down. We will report back here as soon as we can with more information.” Seybold later posted a update, letting gamers know they shouldn’t get their hopes up for a quick return to service. In that note, Seybold said, “While we are investigating the cause of the Network outage, we wanted to alert you that it may be a full day or two before we’re able to get the service completely back up and running.”

On Saturday night, Seybold posted another update, saying that Sony was working around the clock to bring the systems back online. “Our efforts to resolve this matter involve re-building our system to further strengthen our network infrastructure. Though this task is time-consuming, we decided it was worth the time necessary to provide the system with additional security,” Seybold wrote in a blog post.

While it’s not known who is responsible for the intrusion, many were initially pointing fingers at Anonymous, the “Hacktivist” group that gained much visibility over Wikileaks and music industry related attacks. The group had recently targeted Sony Web properties with DDoS attacks in response to a lawsuit that Sony had filed against Georg Hotz, an American hacker who discovered how to unlock (jailbreak) the PlayStation 3 console’s operating system.

Anonymous Attacks SonySony argued in the suit that Hotz breached the Digital Millennium Copyright Act and other laws after he published an encryption key and software tools online to enable other PlayStation “unlock” their consoles, something that also may enable users to play pirated copies of games. Sony and Hotz agreed to a settlement on March 31, 2011. Hotz’s motion to dismiss for lack of personal jurisdiction was still pending before the federal court in San Francisco but a preliminary injunction was issued requiring Hotz to take down the postings challenged by SCEA.

But the Anonymous group says it’s not behind this week’s outage, saying, “For Once We Didn’t Do It.” In a post to the site the group uses to update the world on its latest initiatives, the group wrote, “While it could be the case that other Anons have acted by themselves AnonOps was not related to this incident and takes no responsibility for it. A more likely explanation is that Sony is taking advantage of Anonymous’ previous ill-will towards the company to distract users from the fact the outage is actually an internal problem with the companies servers.”

The details of the intrusion are unclear at this point, and Sony has not provided any additional information, including if any user data was compromised in the event. We have reached out to Sony for comment and have not heard back. SecurityWeek will continue to provide additional details as we gather more information.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

T-Mobile disclosed another massive data breach affecting approximately 37 million customer accounts.

Incident Response

A new Mississippi Cyber Unit will be the state’s centralized cybersecurity threat information, mitigation and incident reporting and response center.

Cybercrime

Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by...

Funding/M&A

Thoma Bravo will spend $1.3 billion to acquire Canadian software firm Magnet Forensics, expanding a push into the lucrative cybersecurity business.

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...