Sections

Sony suffers new hacker attacks

Thai website and Japanese service provider hit in latest incidents

A Sony website in Thailand has been hacked and virtual points stolen in Japan, as the company suffers two new attacks - although the PlayStation Network itself has not been affected.

A link to a fake site purporting to be an Italian credit card company was added to the Sony website, with the hackers attempting to trick customers into revealing card and personal information.

The incident was proceeded by a separate attack on Thursday, with Sony's So-Net Internet service provider revealing that hackers had infiltrated their system and stolen 100,000 ($1,225/875) worth of "virtual points" from account holders.

"What we've done is stopped the So-Net points exchanges and told customers to change their passwords," said So-Net in a statement.

"At this point in our investigations, we have not confirmed any data leakage. We have not found any sign of a possibility that a third party has obtained members' names, address, birth dates and phone numbers," added the company.

The incidents are the most serious since attacks last month that compromised up to 100 million PlayStation Network and Station.com accounts. Although some PlayStation Network services have now been restored the PlayStation Store is still out of service.

"Sony is going through a pretty rigorous process and finding the holes to fill," said Josh Shaul, CTO for computer security firm Application Security in a Reuters interview.

"The hackers are going through the same process and they're putting their fingers in the holes faster than Sony can fill them," he added. "I think it's now 'I'm a hacker and I'm bored, let's go after Sony.'"

Related stories

Sony sold 8.4 million PS4s in Q3

15.4 million after nine months, already higher than the whole of the last fiscal year

By Matthew Handrahan

Corporate crowdfunding might not be all bad

Sony's First Flight is a morally uncomfortable development - but could result in better games and products

By Rob Fahey

Latest comments (9)

Kingman Cheng Illustrator and Animator 5 years ago
Enough is enough, looks like people are still trying to kick Sony whilst they're down.
0Sign inorRegisterto rate and reply
Sigh...
0Sign inorRegisterto rate and reply
Curt Sampson Sofware Developer 5 years ago
I doubt the criminals care whether they're kicking Sony when they're down or not. They happen to see an easy target, and they take advantage of that. Sony really brought this on themselves for not taking security more seriously in the first place.

It's hard on Sony, but at least it makes a great object lesson for the rest of the world. This will probably make my life easier when I'm talking to other companies while wearing my security analyst hat. (The most frequent reaction I get from management when I point out gaping holes in IT security is, "well, that won't be a problem.")
0Sign inorRegisterto rate and reply
Show all comments (9)
Geir Aaslid Producer, Virtual Game Worlds As5 years ago
Anyone operating without decent security in place deserves whatever is going to happen to them. Highly annoying to those of us who are customers.

Some corporations apparently never learn.
I am still waiting for SONY to confirm that they will encrypt all their customers personal information.
0Sign inorRegisterto rate and reply
Stefano Ronchi Indie Game Developer 5 years ago
True in a way what you say Geir, but would you still be of the same opinion if your company got attacked and infiltrated, rigorous security or not.
What annoys me is that these people are clearly geniuses -or at least very, very good- to be able to accomplish these feats. What a shame that the mega-corps instead don't try and recruit them, or that they cannot use their talents to improve programming, website security, website coding...shame indeed that their talent is just so utterly wasted.
0Sign inorRegisterto rate and reply
Andrzej Wroblewski Localization Generalist, Albion Localisations5 years ago
I am still waiting for Sony to perform some revolutionary steps towards quality and customer-oriented approaches in business strategies.
0Sign inorRegisterto rate and reply
Green Bean Gaming AntiCheat Organization 5 years ago
Granted Geir that they should have the best security measures they can achieve, but no one deserves it ever. And I also disagree with the notion of hiring someone who's attacking you. Seriously? Hire a burglar after they robbed you of your possessions? Seems ridiculous to me. If they're so smart why don't they apply for a job? Instead the hackers are acting more like sociopaths without care of anyone but their own. As far as this being a job interview, I think they failed, especially considering the financial losses Sony now faces. These attacks are pure hate. As you mentioned Geir they're hurting not only Sony but also all their customers. The focus shouldn't be on Sony, but what kind of twisted mind can justify this sort of attack.
0Sign inorRegisterto rate and reply
Jake Clayton5 years ago
Sadly, Jobs for people with these sort of skills, don't pay anywhere near as much as using these skills for evil, and as such these hackers will continue to use their skills for personal gain. (theres also the whole, no paying tax on their gains, and being their own boss with relatively little chance of being caught).
0Sign inorRegisterto rate and reply
Rui Martins Senior Software Developer 5 years ago
There is a large misconception, when people talk about "hackers".
There is a clear distinction between a "hacker" and a "digital criminal" or "Cracker".
Unfortunatly, the word has been so utterly abused that most don't know one from the other.
It's like when people comment on followers of "Islam, and similar, when what they really want to say is "Terrorists".

[link url=http://en.wikipedia.org/wiki/Hacker_%28programmer_subculture%29
]http://en.wikipedia.org/wiki/Hacker_%28p...[/link]

Some Hackers, do break-in systems, for the discovery of the process, the hunt, or whatever tickles their mind.
However, everytime someone steals, defaces, or otherwise hurts the "target", they are criminals, and not "Hackers"!.

[link url=http://en.wikipedia.org/wiki/Hacker
]http://en.wikipedia.org/wiki/Hacker
[/link]

I wish that everyone in the digital world would learn the lesson, about having none or weak security. But unfortunatly I know that this won't be the case. Some things have to be learned the hard way to really stick :(
0Sign inorRegisterto rate and reply

Sign in to contribute

Need an account? Register now.