Sony Online Entertainment has shut down service of it’s games and services on the heels of the attacks against the Playstation Network. In a message on their Facebook page, they state “We had to temporarily take down SOE services during the night”. SOE is a different entity to PSN, but all managed by the same company. It does appear that the breach in the Online Entertainment Network is directly related to the breach on the PSN network in April.
While Sony spokesperson denies that this is a “second attack” it does raise concern about the overall safety on the Sony cloud network. While the PSN continues to deny that credit card information was stolen from their particular attack, nor is the information up for sale, more and more users are taking to forums to share that there are “unauthorized charges” on their credit card statements. So the question becomes, where did Sony fail it’s customers?
First, PSN waited seven days to admit they had suffered from a security breach. They failed their users with being transparent, instead, they simply took the network offline and let speculation swirl on the internet about why the network was down, again. It almost seemed like Sony assumed that the hacktivist group Anonymous was responsible, and wanted to let that simmer while they worked on getting their network fixed. In the meantime, the hacker group’s Facebook page was flooded with hateful comments from gamers, even as they continued to deny their involvement with a second attack. The group was responsible for the first attack but called that attack off when they realized they were affecting users.
Second, Sony was pretty vague when they admitted to a second attack on PSN. As we reported, there was an official blog posting that admitted that they had suffered a major attack and their usernames, billing addresses, etc were breached, but stated that they did not believe their credit card information had been released. Even in say this, they provided detailed information on how to alert the various credit bureaus about potential fraudulent activity. They continue to assert that credit card information from the PSN is not for sale and to remain vigilant about the use of their credit cards.
At least the breach on the SOE is being addressed quickly and specifically. Sony has apologized to their users and the company is continuing to work with the FBI and internal security teams to determine how this has happened and how it can be fixed.
As of now, Sony is promising to have their network back up and running within a week and promising customers a forest of free and new content to swim through, once they can restore their networks.