Sony has today confirmed that around 93,000 PSN accounts have been put at risk by an outside source trying different combinations of passwords and emails, acquired elsewhere.
Philip Reitinger, Sony’s chief information security officer posted this statement this morning on the Playstation Blog.
The culprits tried “a massive set of sign-in IDs and passwords against our network database” which resulted in a 0.1 percent success rate for them.
“The overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks. We have taken steps to mitigate the activity.
“Less than one tenth of one percent (0.1%) of our PSN, SEN and SOE audience may have been affected.”
“There were approximately 93,000 accounts globally (PSN/SEN: approximately 60,000 accounts; SOE: approximately 33,000) where the attempts succeeded in verifying those accounts’ valid sign-in IDs and passwords, and we have temporarily locked these accounts.
“Only a small fraction of these 93,000 accounts showed additional activity prior to being locked. We are currently reviewing those accounts for unauthorized access, and will provide more updates as we have them.
Please note, if you have a credit card associated with your account, your credit card number is not at risk. We will work with any users whom we confirm have had unauthorized purchases made to restore amounts in the PSN/SEN or SOE wallet.”
The affected users will also get a “secure password reset” prompt email from Sony.
“We want to take this opportunity to remind our consumers about the increasingly common threat of fraudulent activity online, as well as the importance of having a strong password and having a username/password combination that is not associated with other online services or sites.
“We encourage you to choose unique, hard-to-guess passwords and always look for unusual activity in your account.”