Archive

Sony Downtime Continues as Some Personal Details Leak to Outdated Website

Updated Wed, May 11, 2011 by Martuk

Sony downtime continues this week as additional security work on Playstation Network, Qriocity and Sony Online Entertainment systems remains in testing. Details of 2500 contest entrants were leaked and removed from a dated Sony website last week following rumored reports of a weekend attack. Is Sony secure enough to have services restored by the end of the month as many speculate?


Last week we reported on a story from CNET that hinted at a third rumored attack aimed at Sony. According to a new report, Sony may have closed another hole in its security this weekend following an intrusion that saw the release of personal details of entrants from a 2001 Sony sweepstakes. It's unclear if this recent leak is related to the rumored attack from last week or if it's just another shot from the previous attack that went unnoticed until now.

Sony said on Saturday that it had removed the names of 2,500 entrants to a 2001 product contest with partial addresses that had been copied and posted to an outdated part of the company's website. The one thing this latest leak could indicate is that more than just the gaming side of Sony may have been compromised. Luckily, it appears that there were no other details such as credit cards, social security numbers or passwords posted to the site.

Security Breach

Sony continues their efforts to secure networks from invasions.

The CNET report goes on to quote a member from the IRC channel in which the rumored attack was initially spotted that states, "Apparently Sony saw that article because the last server that I could access is offline now...its probbaly (sic) being patched like the other servers. There goes our window."

With any luck, Sony has plugged all of the holes on its leaky ship and further personal details will hopefully not end up floating around the web.

Sony's online services remained down over the weekend and into this week as further security testing on the Playstation Network (PSN) and Qriocity services continues, which are approaching their fourth week of downtime. Sony Online Entertainment's MMORPG services have been down since last Monday after it was discovered that those accounts had also been compromised. When the services might be restored is still a mystery but Sony's spokesman Shigenori Yoshida told Bloomberg yesterday that the company hopes to restore Playstation and Qriocity by May 31st.

While it's possible that Sony may have the Playstation Network and Qriocity services rebuilt and ready by May 31st, when SOE services will resume is still a unknown. We contacted Sony Sr. Public Relations Manager Taina Rodriguez last week for comment. Taina informed us that Sony is working around the clock to restore services, but there is still no solid date for service restoration.

While the hacktivist group Anonymous has repeatedly denied involvement in the theft and attack that has crippled Sony's online gaming services despite Sony claiming to have evidence that they were, two veterans of the group have told the Financial Times that other members of the group are likely involved. One member stated in the report, "If you say you are Anonymous, and do something as Anonymous, then Anonymous did it,” said the hacker, who uses the online nickname Kayla. “Just because the rest of Anonymous might not agree with it, doesn’t mean Anonymous didn’t do it."

The group has continued to deny responsibility for the attack on its Twitter page, blogs and via press releases.

Sources:
CNET
Bloomberg
Reuters
AnonOps Twitter
Financial Times
EverQuest II Twitter


News from around the 'Net