RSS Alerts

Share

More services

Related Stories

Top 5 Stories

News

Sony admits to second data breach affecting 24.6 million customers

03 May 2011

Still reeling from the PlayStation Network data breach, Sony has admitted to a second security breach that may have resulted in the theft of personal information of 24.6 million Sony Online Entertainment (SOE) customers.

The SOE breach is in addition to the hack of over 75 million PlayStation Network user accounts last month.

In the lastest revelation, Sony said that the names, street and email addresses, birthdates, phone numbers, login names and passwords of 24.6 million SOE customers may have been stolen. The company said that it had previously thought that SOE customers were not affected by the data breach last month, but concluded on May 1 that SOE account information had been affected.

In addition, Sony had the following revelation for non-US customers about the breach of a 2007 database: “The information from the outdated database that may have been stolen includes approximately 12,700 non-U.S. credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, Netherlands and Spain.”

Sony stressed that there is “no evidence” that the main credit card database was compromised.

Sony is still dealing with the aftermath of PlayStation breach. Last week, a House panel sent a letter to the company demanding answers about the breach.

“Sony’s public statements suggest there is no evidence credit card data was taken, but such a scenario cannot be ruled out. Given the amount and nature of personal information known to have been taken, the potential harm that could be caused if credit card information was also taken would be quite significant”, the letter read.

The letter requires Sony to provide answers to a series of questions about the PlayStation data breach and Sony’s data security policies in general. The letter was sent by the chairman and ranking member of the House Energy and Commerce Committee’s subcommittee on commerce, manufacturing, and trade, which plans to hold a hearing on consumer data theft on May 4. The hearing will not include Sony representatives, who declined to participate.

In addition, the Department of Homeland Security, state attorneys general, and the European Union are investing the PlayStation data breach as well. A spree of lawsuits around the globe could be in the works, Reuters reports.

This article is featured in:
Data Loss  •  Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions | Privacy | Website Design| Reed Exhibitions. All rights reserved. Copyright © 2013
We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×