You may remember the 23 day outage of the PSN earlier this year. Well, Sony certainly does, and now we know how successful the security measures and fail-safes they implemented are. Yesterday on the PlayStation Blog, Sony’s Chief Information Security Officer reported recent attempts against their network databases:
We want to let you know that we have detected attempts on Sony Entertainment Network, PlayStation Network and Sony Online Entertainment (“Networks”) services to test a massive set of sign-in IDs and passwords against our network database. These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources.
He goes on to say:
Less than one tenth of one percent (0.1%) of our PSN, SEN and SOE audience may have been affected. There were approximately 93,000 accounts globally (PSN/SEN: approximately 60,000 accounts; SOE: approximately 33,000) where the attempts succeeded in verifying those accounts’ valid sign-in IDs and passwords, and we have temporarily locked these accounts.
While it saddens me there are still attempts to compromise data and accounts, it is heartening to see how much Sony learned and changed from earlier this year. The system detected the massive attempts, then they immediately took action, and then they notified the consumers. These are three clear victories, and in direct contrast to the handling of the attack from the spring of 2011.
If you had one of the locked account, you should have already received an email notifying you of your next steps in validating your account. This is a great reminder to maintain healthy password habits. Passwords are like toothbrushes, choose a good(strong) one, change it regularly, and never share it with anybody.
Source: PlayStation Blog