Sony Attacked Again: Attackers Used Login Data Stolen from Other Sources

On Tuesday, Philip Reitinger, Sony’s newly appointed SVP & CISO, announced that Sony was the victim of yet another cyber attack. In this latest incident, Sony detected an attack that tested a massive set of sign-in IDs and passwords against its network database.


The attack targeted the Sony Entertainment Network, PlayStation Network and Sony Online Entertainment, and used what is assumed to be a massive set of login details stolen from other companies, sites or other sources. With the number of successful cyber attacks recently, there is no shortage of user data, including email addresses, login names, and passwords, floating around.

“In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks,” Reitinger wrote in the announcement.

Reitinger said that less than one tenth of one percent (0.1%) of its online customers appear to have been affected, totaling approximately 93,000 accounts globally. In other words, of the massive set of logins tested, the attackers were able to validate 93k accounts that had used the same password as was used somewhere else. In response, Sony temporarily locked the affected accounts.

“Only a small fraction of these 93,000 accounts showed additional activity prior to being locked. We are currently reviewing those accounts for unauthorized access, and will provide more updates as we have them,” Reitinger added.

Reitinger also said that any credit card numbers associated with user accounts are safe and not at risk. “As a preventative measure, we are requiring secure password resets for those PSN/SEN accounts that had both a sign-in ID and password match through this attempt. If you are in the small group of PSN/SEN users who may have been affected, you will receive an email from us at the address associated with your account that will prompt you to reset your password,” he continued.

Sony hired Reitinger, a former U.S. Homeland Security official in charge of cyber security, as Senior Vice President and Chief Information Security Officer in response to a series of cyber attacks earlier this year that resulted in the personal information of more than 100 Million customers falling into the hands of hackers.

Sony says it has taken steps to mitigate the activity, but this should serve as a reminder to not use the same password on multiple sites, especially ones that contain personal information and could be linked to a credit card, billing system, or other personal information.

This appears to be the first major incident that Reitinger has had to deal with publicly and announce to users. In defense of Sony and Reitinger, this is one type of attack that many organizations are likely unprepared to defend against. But as many SIEM and DB security vendors will surely mention today, “We’ve got a solution for that!”
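The signal Reitinger describes, many sign-in ID-password pairs tested with the overwhelming majority failing to match, can be written as a detection rule over sign-in logs. The following Python is an added example, not code from Sony or SecurityWeek; the log format, thresholds and function names are assumptions, and the log lines are constructed.

```python
from collections import defaultdict

# Constructed sample sign-in log (documentation IP ranges, made-up IDs).
SAMPLE_LOG = (
    # One source, ten different IDs, one password each, nine failed matches.
    [f"src=203.0.113.7 id=user{n:02d} result={'ok' if n == 3 else 'fail'}"
     for n in range(10)]
    # A user mistyping a password twice before getting it right.
    + ["src=198.51.100.20 id=alice result=fail",
       "src=198.51.100.20 id=alice result=fail",
       "src=198.51.100.20 id=alice result=ok"]
    # A shared gateway: many IDs, but the sign-ins succeed.
    + [f"src=192.0.2.50 id=staff{n} result=ok" for n in range(6)]
)

def parse(line):
    """Turn 'src=.. id=.. result=..' into a dict (assumed log format)."""
    return dict(field.split("=", 1) for field in line.split())

def find_pair_testing(lines, min_ids=5, min_fail_ratio=0.8):
    """Flag sources that try many distinct IDs with mostly failed matches.

    Returns {source: {"ids_tried", "fail_ratio", "matched"}}; "matched" holds
    the IDs whose pair validated, i.e. the accounts to lock and reset.
    """
    stats = defaultdict(
        lambda: {"ids": set(), "fail": 0, "total": 0, "matched": set()})
    for event in map(parse, lines):
        s = stats[event["src"]]
        s["ids"].add(event["id"])
        s["total"] += 1
        if event["result"] == "ok":
            s["matched"].add(event["id"])
        else:
            s["fail"] += 1
    findings = {}
    for src, s in stats.items():
        ratio = s["fail"] / s["total"]
        # Breadth (distinct IDs) separates this from one user's typos;
        # the failure ratio separates it from a busy shared gateway.
        if len(s["ids"]) >= min_ids and ratio >= min_fail_ratio:
            findings[src] = {"ids_tried": len(s["ids"]), "fail_ratio": ratio,
                             "matched": sorted(s["matched"])}
    return findings

if __name__ == "__main__":
    for src, finding in find_pair_testing(SAMPLE_LOG).items():
        print(src, finding)
```

The `matched` list corresponds to the accounts Sony locked and forced through a password reset: the pairs that validated during the run.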


Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is founder and director of several leading cybersecurity industry conferences around the world.
