24.8 million users' details stolen, credit card information also at risk.
Sony has confirmed that it has had details of 24.8 million gamers stolen from its Sony Online Entertainment MMO service, including some credit and debit information. As part of its investigation into the separate loss of 77 million users’ data from PSN, Sony says it discovered this latest “security breach”, taking the service down yesterday.
Despite only taking action yesterday, and confirming the breach in a statement last night, Sony says the attack happened on 16 and 17 April, the same time as PSN was hit by hackers.
Sony says the investigations of engineers and security specialists, “…showed that personal information from approximately 24.6 million SOE accounts may have been stolen, as well as certain information from an outdated database from 2007. The information from the outdated database that may have been stolen includes approximately 12,700 non-U.S. credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, Netherlands and Spain.”
As with the PSN breach, Sony has confirmed that users’ name, date of birth, address, password, phone number, email address and gender have been compromised. Customers in Austria, Germany, Netherlands and Spain could also have had their bank account number, account name and address exposed.
Sony said that it has moved as swiftly as it possibly could in shutting down and informing SOE customers about this latest breach, but punters will once again be asking why it took so long to detect such a massive security failure.