Sony‚Äôs new chief information security officer, Philip Reitinger, announced on Wednesday that the company had temporarily locked some 93,000 user accounts across three of its online entertainment networks, after detecting attempts ‚Äúto test a massive set of sign-in IDs and passwords against our network database.‚ÄĚ
The announcement marks a corporate effort to improve transparency with Sony customers from April, when days passed before the company acknowledged the possible compromising of user information following an attack on its PlayStation and Qriocity networks.
Reitinger, in his first blog post as Sony‚Äôs information security chief, told customers on Wednesday that less than one tenth of one percent of the company‚Äôs PlayStation Network, Sony Entertainment Network, and Sony Online Entertainment audience was affected by the new round of hacks. ‚ÄúOnly a small portion‚ÄĚ of the affected 93,000 accounts, Reitinger said, had shown additional activity prior to their being locked by Sony.¬†The executive also noted that user credit card numbers were not at risk from the breach.
Reitinger, who joined Sony in September,¬†has previously held cyber security positions in the U.S. Department of Homeland Security, Microsoft Corp., the U.S. Department of Defense, and the U.S. Department of Justice.
Such entertainment security issues will be the focus of discussion at MESA and Variety‚Äôs upcoming Entertainment Security Summit, set to take place Dec. 8 at the Universal Hilton Hotel in Los Angeles. For more information visit www.entertainmentsecuritysummit.com.
A potential new wrinkle in the cyber attack on Sony Computer‚Äôs PlayStation Network: a knowledgeable source tells Bloomberg that the hacker responsible for the security breach waged the attack using rented Amazon.com servers.
The hacker used a bogus name to register with Amazon‚Äôs Elastic Compute Cloud (EC2) service, which offers server capacity on demand for pennies per hour.
Sony executives told Reuters on Tuesday, however, that they had seen no evidence of Amazon servers being used in the attack.
Restoration of Sony‚Äôs PlayStation Network and Qriocity services began this past weekend, after the company spent the better part of a month shoring up its data security infrastructure.
Sony says it has added software monitoring, penetration and vulnerability testing, and new levels of encryption and firewall protection to its network, along with an early-warning system for unusual activity patterns that could signal attempts to breach security. The company also announced the appointment of Fumiaki Sakai, president of Sony Global Solutions, as acting Chief Information Security Officer of Sony Network Entertainment International. Sakai oversees efforts to further reinforce overall information security across the company‚Äôs network infrastructure, while leading the search for a new and permanent CISO.
More on the heavy-traffic hiccups of the PlayStation Network relaunch at The Atlantic.
A Sony Computer spokesperson tells Bloomberg that the company plans to restart its PlayStation Network and Qriocity services fully by May 31. Sony had expected to have brought portions of the services back online by now; but the company acknowledged to its U.S. users on Friday that the extent of the April attack on its servers was wider than it thought.
As the criminal investigation into the security breach continues, Sony is considering offering a reward for information leading to the arrest and prosecution of hackers, per All Things Digital.
Ten days after security breaches prompted a shutdown of its PlayStation Network and Qriocity services, Sony Computer Entertainment says that it will begin a ‚Äúphased restoration‚ÄĚ of the services with new security features this week.
Making the announcement on its PlayStation blog, Sony said it would offer customers complimentary content and services as a ‚Äúwelcome back‚ÄĚ gesture to its customer base, which spans some 77 million registered accounts.
The game company also is creating a new executive post of Chief Information Security Officer, directly reporting to Shinji Hasejima, chief information officer of Sony Corp., to add a new position of expertise in and accountability for customer data protection and supplement existing information security personnel.
Meanwhile, sister division Sony Online Entertainment announced it was taking its Station.com gaming website offline, following discovery of a security issue related to the April 19 PSN breach. The company plans to give an update on the PC gaming site later today. More details at GameSpot.
As Sony Computer continues to rebuild the security infrastructure of its PlayStation Network and Qriocity services, the company tells customers that ‚Äúthere is no evidence at this time‚ÄĚ that hackers took credit card information in last week‚Äôs incident. Still, Sony says that it cannot rule out the possibility‚ÄĚ of credit card data theft.
The company is sending emails to the services‚Äô 77 million registered accounts, urging customers to review their credit card account statements and monitor their credit reports.
Sony also says that it already has begun to move its physical network infrastructure and data center ‚Äúto a new, more secure location‚ÄĚ as part of its response to the breach. Both the PlayStation online gaming network and the Qriocity music and video streaming service remain shut down.
Sony says it has ‚Äúa clear path to have PlayStation Network and Qriocity systems back online,‚ÄĚ with expectations to restore ‚Äúsome services‚ÄĚ within a week. But the continued shutdown of the company‚Äôs digital distribution network ‚ÄĒ sparked by what Sony has now elevated to an ‚Äúillegal intrusion on our systems‚ÄĚ ‚ÄĒ is now only part of the story, with the company informing PlayStation and Qriocity users yesterday that their personal information may have been compromised.
Sony‚Äôs announcement prompted a U.S. Senator, Richard Blumenthal (D-Conn.), to demand that the company explain why it took more than a week to inform consumers of the potential security breach. ‚ÄúWhen a data breach occurs, it is essential that customers be immediately notified about whether and to what extent their personal and financial information has been compromised,‚ÄĚ Blumenthal wrote to Jack Tretton, chief executive of Sony Computer Entertainment of America. ‚ÄúPlayStation Network users should be provided with financial data security services, including free access to credit reporting services, for two years, the costs of which should be borne by Sony. Affected individuals should also be provided with sufficient insurance to protect them from the possible financial consequences of identity theft.‚ÄĚ
On the company’s¬†PlayStation blog, Sony spokesman Patrick Seybold attempted to clarify the situation, stating that the company had hired ‚Äúoutside experts‚ÄĚ to ascertain the nature of the intrusion following its discovery. ‚ÄúIt was necessary to conduct several days of forensic analysis, and it took our experts until yesterday (April 25) to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon (April 26).‚ÄĚ
As many as 77 million customers utilize the PlayStation Network, according to a report in The New York Times.
Sony‚Äôs PlayStation Network and Qriocity services have been offline for nearly a week, as the company continues to shore up its network security in response to an ‚Äúexternal intrusion‚ÄĚ on April 20.
‚ÄúThis is a time intensive process and we‚Äôre working to get [PlayStation Network and Qriocity] back online quickly,‚ÄĚ said Patrick Seybold, Sony‚Äôs senior director of corporate communications, in an April 25 blog post. The company has issued no timeframe for when the services will be restored.
The Wall Street Journal notes that Sony is still investigating whether any personal customer information, such as credit card numbers, had been compromised in the attack. The shutdown has already held consequences for game publishers, with purchasers of new PlayStation titles such as Warner Bros. Entertainment‚Äôs ‚ÄúMortal Kombat‚ÄĚ deprived from playing the games over the three-day Easter weekend.
The PC videogames market is rapidly approaching a 50-50 split between physical and digital distribution, and a recent digital release for Sony‚Äôs PlayStation 3 console has yielded ‚Äúmeaningful‚ÄĚ sales, according to Electronic Arts chief John Riccitiello.
Speaking at a Morgan Stanley investor conference in San Francisco last week, Riccitiello told of the games publisher‚Äôs test with Sony to sell ‚ÄúMass Effect 2‚ÄĚ over Sony‚Äôs digital PlayStation Network, in tandem with the game‚Äôs physical debut for the console in January. ‚ÄúWe did absolutely nothing to market‚ÄĚ the digital version, he said. ‚ÄúSony had never done a day-and-date release. They were very cautious about their infrastructure, so it was mostly a technology test.‚ÄĚ
Yet the digital version would up accounting for a ‚Äúdouble-digit percentage of total sales,‚ÄĚ Riccitiello said, without divulging a specific figure.
While the market demand is apparent for downloadable versions of full-length videogames, the EA executive said that a broader digital distribution program on the PlayStation Network as well as Microsoft‚Äôs Xbox Live may be hampered by what he termed a ‚Äúchannel conflict‚ÄĚ between the companies‚Äô digital networks and physical goods business units. ‚ÄúThey have got to manage…selling boxes at retail,‚ÄĚ¬† Riccitiello said, ‚Äúand it‚Äôs generally a pretty thin margin business. And so they basically negotiate and leverage shelf space on the promise of making retail margin on software.‚ÄĚ
More at IGN.
Sony‚Äôs PlayStation Network chipped away at the Microsoft‚Äôs lead in digital videogame sales during the second half of last year, with the online network grossing an estimated $49.4 million between July and December of 2010, according to research firm Forecasting & Analyzing Digital Entertainment (FADE).
PlayStation Network posted 40% sales growth during the six month period (compared with 2009), outpacing the concurrent 18% increase at Microsoft‚Äôs Xbox Live Arcade. The Sony network, which pulled in an estimated $9.3 million in December alone, now counts more than 100,000 monthly users.
The top-selling digital title on PlayStation during the period was Ubisoft‚Äôs ‚ÄúScott Pilgrim vs. The World,‚ÄĚ for which Sony snagged an exclusive release window, with 190,000 copies sold.
For titles sold via multiple digital platforms, PlayStation is approaching sales parity with Xbox, FADE adds. ‚ÄúIn 2009, Microsoft enjoyed a 2:1 sales advantage for multi-platform titles launching simultaneously. Today, that advantage is nearly even with first-month typical sales being 55/45 among new titles like ‚ÄėCostume Quest,‚Äô ‚ÄėPac-Man CE DX,‚Äô and ‚ÄėX-Men Arcade,‚Äô‚ÄĚ says Benjamin Schlichter, FADE director of research & analysis.
Online PlayStation 3 gamers will now have a day‚Äôs jump on the Xbox 360 audience for new downloadable content, as the Sony-owned digital distribution network moves its release date from Thursday to Tuesday. First content to be released under the new schedule next week includes an expansion package for Activision‚Äôs ‚ÄúCall of Duty: Modern Warfare 2‚ÄĚ and a downloadable game for Sony‚Äôs PSP device. By Kotaku
In the ongoing battle for content, Sony said Tuesday that it had locked in the five top studios to supply HD content to the PlayStation Network. At launch, the content will be available in the U.S. only, with plans to launch soon in the U.K., France, Germany, and Spain, Sony said. By PC Magazine
Total revenues from download services such as iTunes and Amazon Video on Demand amounted to $291 million in 2009, falling short of research firm Screen Digest‚Äôs expectations for the year by some $69 million. paidContent cites a forthcoming report from the Screen Digest that blames the underperformance on a lack of effective marketing from studios.
As it stands, four movie download services — iTunes, the Zune (Xbox) Video Marketplace, Sony‚Äôs PlayStation Network, and Amazon VOD ‚ÄĒ account for 97 percent of the market. iTunes alone has an 80 percent share, Screen Digest says. But the download figures do not take into account streaming movie services from the likes of Netflix, which are increasingly taking root with consumers. By paidContent
Sony Computer Entertainment has issued a fix for a bug that prevented PlayStation 3 users from connecting to the Internet for roughly 24 hours. The internal clocks in older-model PS3 consoles, Sony says in a blog post, erroneously recognized the year 2010 as a leap year. The bug triggered a service outage Monday for online gamers as well as those who rented movies and other videos from the PlayStation Store. Sony Computer
Gaming sites were abuzz March 1 with the news that Sony‚Äôs PlayStation 3 has a bug that is preventing users from being able to access PlayStation‚Äôs Internet network and in some cases blocking games from being played altogether. The official PlayStation blog says engineers have ‚Äúnarrowed down the issue‚ÄĚ and are working to solve the problem, which was first reported by users on Sunday. By The Wall Street Journal
At CES, Sony Computer Entertainment chief Kaz Hirai described long-anticipated plans to unify its PlayStation Network content offerings across its product line – including network enabled Blu-ray players, Sony televisions and PCs. Further, Hirai announced the creation of a new studio specifically to produce content for this type of distribution. The studio will be called Sony Network Entertainment, and Hirai is in charge of it. By Kotaku
A customer survey indicates that Sony is considering premium subscription plans for its PlayStation Network, detailing potential prices and premium services, including full hour game trials, free access to PSOne Classics, and cross-game voice chat. By Kotaku