Posts Tagged ‘PlayStation Network’

Sony PSN Update: The PlayStation Store Is Now Up and Running but Will it Stick?

Thursday, June 2nd, 2011

It has been over a month since Sony announced that the reason for the shutdown of their PlayStation Network service on April 20, 2011 was due to an external intrusion. On May 4, 2011 Sony had confirmed that the PSN Attack was able to obtain the personal information from over 100 million users. Following the hack, Sony remained confident and projected a short downtime for the network. Although Sony initially stated that they would fully restore their services by the end of the week, the recovery process experienced unforeseen problems.

PlayStation Network Logo

from http://us.playstation.com/psn/, June 2011

After being disabled for approximately 23 days, on May 15, 2011 the Sony PlayStation Network began restoring parts of their service country by country. At this time the sign-in for the PSN/Qriocity services, online gameplay, rental content, third party services, friends list, and chat functionality were all restored. Missing from the services that were brought back online was the PlayStation Store. Once back online the network again faced an issue concerning the password reset page. It was discovered that the password reset process was enabling unauthorized users to change the passwords of other users provided that they had knowledge of their email address and date of birth. After the discovery of this exploit the network disabled the password reset pages and resumed working to restore the PlayStation Store.

Sony announced that they will be offering customers free content as a part of a “Welcome Back Program”. The free customer appreciation content will be available sometime shortly after full restoration. Sony has also stated that the cost of the network outages and restoration was $171 million which includes the costs of security enhancements, customer reimbursements, and loss of content sales.

Yesterday afternoon (June 1, 2011) the PlayStation Network posted on the PSN Blog that that the PlayStation Store was once again up and running. The PS Store is now offering new updates, downloadable games, demos, add-ons, themes, avatars, and videos. For now, Sony is still in the testing process for the welcome back program download and expects it to be available for users shortly. Another PSN update is currently scheduled for Friday June 3, 2011.

Sony executives have stated “no system is 100 percent secure”, having learned from this occurrence Sony has made several security improvements and created a new Chief Information Security Officer position. The PlayStation Network is not the only Sony service to suffer intrusion, in a separate incident Sony Ericsson was also hit. The Sony Ericsson Hack was said to have affected over 2,000 customers.  According to The Huffington Post the servers at SonyPictures.com were also attacked on Thursday June 1, 2011.  This hack obtain the the information of 1 million users which was later posted on a website by hacker group LulzSecurity. Other recent security breaches include the Lockheed Martin Cyber Attack, Google Gmail hack and the PBS hack, these hacks present a clear picture of how technology can be used to do harm and provide an even greater reason for companies to implement as many proactive security measures as possible.

Although Sony projected an $860 million profit in a February report the company is now projecting a $3.2 billion net loss for the year. The loss is a combined result of several network hacks, security upgrades, customer remuneration, tax credit write offs from the previous quarter, and disruption in production caused by the earthquake and tsunami in Japan.

Taking into consideration the hard times faced by Sony recently, will you continue to be a customer or have you lost all faith in them? Share your thoughts below.

Thanks for Reading and Have a Great Day!

Dustin

ComputerFitness.com

Providing Tech Support for Businesses in Maryland

PlayStation Network Attack, What You Should Be Doing To Protect Yourself

Thursday, April 28th, 2011

On Friday April 22, 2011 the Sony PlayStation Network stated that as of April 19 th they had become aware that PlayStation and Qriocity user accounts had been hacked. Prior to this notification they have made several announcements, none of which providing the exact details for the disruption in network services.

During the time leading up to the official hackerpublic disclosure Sony had disabled their system which left many PlayStation Network users in the dark about the true circumstances surrounding the event. It wasn’t until April 26, 2011 that Sony offered the full explanation that user account information and potentially their financial information had been unlawfully acquired during an intrusion. The unauthorized intrusion of the network accounts left over 70 million users as well as their personal and financial information at risk. For a full timeline visit PlayStation Network Hack Timeline.

Because Sony had waited a full 6 days after the time of discovery to present a fully detailed announcement most people are wondering why the delay with informing the public. Typically when a breach does occur it is not uncommon for some amount of time to pass before the public is fully informed, this is usually to confirm the facts, consider solutions and prevent public panic. However during this time users could have been taking their own preventative measures by informing their credit card companies, monitoring credit reports, and avoiding phishing scams. For a great article concerning the legality of informing the public in the event of a security breach visit PlayStation Network hacked, data stolen: how badly is Sony hurt?

The PlayStation Networks Official Website released a statement detailing what efforts are being made to rectify this unfortunate situation and promises that it is a temporary issue that will be cleared up as soon as possible. Currently the network connection is still deactivated. An outside security investigation company has also been contracted to investigate the security breach and Sony is currently developing new security features. With these new features they hope resolve the system’s vulnerability and provide more safety precautions to protect a user’s personal information in the event of future occurrences.

It is PlayStations fear that the unlawful invasion into user information exposed user names, addresses, email address, birthdays, passwords, logins, purchase history, and even billing information. The official statement goes on to state that even though there is no evidence that credit card information was obtained they are not ruling out the possibility. Although many Sony officials believe that the hack was to gain notoriety as opposed to financial information they cannot be certain. As Sony continues to work around the clock to regain the confidence of its customer’s users should be taking the following actions to ensure the security and protection of their information.

What you should do!

  • It is advised that if you have provided any credit card information that you contact the card company and inform them that your information may have been obtained during this event.
  • It is also urged that users be mindful of email, phone, and postal scams. Sony has said that they will never contact a user to acquire credit card numbers, social security numbers, or any personal identifiable information. Often hackers will take the portions of useless information and contact you pretending to be the organization in order to obtain the rest of the information that they require.

  • Sony also advises that once the network is secure and user connection is reestablished that a user should change their login information immediately.

It’s important to remember that these kinds of incidents happen all the time and unfortunately they are the reason why we need implement more and more secure practices every day. Any fraudulent charges that do result from this incident will of course be handled by Sony. One issue left un-answered is why Sony chose to wait so long to inform its users about the potential security threat?

What do you think? Should Sony have disclosed the full details and given customers the opportunity to protect themselves sooner, or were they right to gather all the information before causing panic?

Thanks for Reading and Have a Great Day!

Dustin

ComputerFitness.com

Providing Tech Support for Businesses in Maryland