CyberSecOp.com

View Original

PlayStation Network Breaches (PSN Hacks)

PlayStation Network was launched in the autumn of 2006 and offers games, music and movies to people with PlayStation consoles.

2021 PlayStation Network Users Account Breach

On July 14, 2021 Sony Urges PSN Users to Use 2-Step Verification After Reports of Hacking. Sony urged users of its PSN service to use 2-step verification after receiving user reports of account hacking. Several users have submitted inquiries through the official Japanese PlayStation Support. While the issue has to do with PSN accounts, there is no indication that any of Sony’s official accounts were breached. This includes any hacking attempts or any breach of information through the service.

2014 PlayStation Network Breach

On November 24, 2014, a hacker group identifying itself as "Guardians of Peace" leaked a release of confidential data from the film studio Sony Pictures. The data included personal information about Sony Pictures employees and their families, emails between employees, information about executive salaries at the company, copies of then-unreleased Sony films, plans for future Sony films, scripts for certain films, and other information.

On December 24, 2021 Xbox live and PlayStation Network attack and Christmas was ruined for millions of gamers. Millions of people could not use their games consoles for a second day as disruption on the Xbox Live and Sony PlayStation networks continued after an apparent cyber-attack.

The group calling itself Lizard Squad once again claimed responsibility for bringing down both networks on Christmas Eve, which could have affected nearly 160 million gamers. This was once again distributed denial of service, or DDOS, the attack is overloading the systems of both services by generating fake access requests. More than 110 million people use the PlayStation Network (PSN) and at least 46 million use Xbox Live, both of which connect players to other gamers and services through the internet. Lizard Squad had apparently threatened to target both networks at Christmas describe itself as the “next-generation Grinch”.

 2011 PlayStation Network Breach

This PlayStation Network attack took the down for 23 days

The first reported play PlayStation Network Breach was disclosed between April 17 and April 19, 2011.

Sony learned that user information had been stolen from its PlayStation Network seven days ago, prompting it to shut down the network immediately.

The company said user account information for the PlayStation Network and its Qriocity service users was compromised between April 17 and April 19.

On April 20 PlayStation Network services were disabled to investigate the security incident. Sony update it blog that all data was encrypted and the database of customer information exposed to the unknown attacker. The data base includes information such as name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, handle/PSN online ID, as well as profile data including purchase history and billing address (city, state, zip), and PlayStation Network/Qriocity password security answers.

On April 30, 2011, Sony report that recovery is on it was and it hope to restore all services with the week.  Sonly also update that it was work with multiple security firms. May 3, 2011, Sony announced that a total of 77 million customers were affected in the breach.

On May 2 Sony issued a press release, according to which the Sony Online Entertainment (SOE) services had been taken offline for maintenance due to potentially related activities during the initial criminal hack. Over 12,000 credit card numbers, albeit in encrypted form, from non-U.S. cardholders and additional information from 24.7 million SOE accounts may have been accessed.

On May 6 Sony stated they had begun "final stages of internal testing" for the PlayStation Network, which had been rebuilt.  However, the following day Sony reported that they would not be able to bring services back online within the one-week timeframe given on May 1, because "the extent of the attack on Sony Online Entertainment servers" had not been known at the time. On May 14 various services began coming back online on a country-by-country basis, starting with North America. On May 23 Sony stated that the outage costs were $171 million.