Security Experts:

Sony Attacked Again: Attackers Used Login Data Stolen from Other Sources

On Tuesday, Philip Reitinger, Sony’s newly appointed SVP & CISO, announced that Sony was the victim of yet another cyber attack. In this latest incident, Sony detected an attack that tested a massive set of sign-in IDs and passwords against its network database.

Stolen Login Database used to Attack Sony NetworkThe attack targeted the Sony Entertainment Network, PlayStation Network and Sony Online Entertainment, and used, what is assumed to be, a massive set of login details stolen from other companies, sites or other sources. With the number of successful cyber attacks recently, there is no shortage of user data, including email addresses, login names, and passwords floating around.

“In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks,” Reitinger wrote the announcement.

Reitinger said that than one tenth of one percent (0.1%) of its online customers appear to have been affected, totaling approximately 93,000 accounts globally. In other words, of the massive set of logins tested, the attackers were able to validate 93k accounts that had used the same password as was used somewhere else. In response, Sony temporarily locked the affected accounts.

“Only a small fraction of these 93,000 accounts showed additional activity prior to being locked. We are currently reviewing those accounts for unauthorized access, and will provide more updates as we have them,” Reitinger added.

Reitinger also said that any credit card numbers associated user account are safe and not as risk. “As a preventative measure, we are requiring secure password resets for those PSN/SEN accounts that had both a sign-in ID and password match through this attempt. If you are in the small group of PSN/SEN users who may have been affected, you will receive an email from us at the address associated with your account that will prompt you to reset your password,” he contined.

Sony hired Reitinger, a former U.S. Homeland Security official in charge of cyber security, as Senior Vice President and Chief Information Security Officer in response to a series of cyber attacks earlier this year that resulted in the personal information of more than 100 Million customers falling into the hands of hackers.

Sony says it has taken steps to mitigate the activity, but this should serve as a reminder to not use the same password on multiple sites, especially ones that that contain personal information and could be linked to a credit card, billing system, or other personal information.

This appears to be the first major incident that he has had to deal with publicly and make an announcement to users. In defense of Sony and Reitinger, this is one type of attack that many organizations are likely unprepared to defend against. But as many SIEM and DB security vendors will surely mention today, "We've got a solution for that!"

Related Reading:

What Does the Sony PlayStation Network Breach Teach Us about Cloud Security?

The Top Attack Techniques Used By Today's Hackers

Enhancing Security by Studying Common Attack Techniques

view counter
For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.