Sony working with police on PlayStation Network hack

The PlayStation Network and Qriocity streaming music service were turned off on April 20 in the wake of an "external intrusion," according to Sony spokesman Patrick Seybold.

"We are currently working with law enforcement on this matter as well as a recognised technology security firm to conduct a complete investigation," Seybold said in a blog posted Thursday on the PlayStation website.

"This malicious attack against our system and against our customers is a criminal act and we are proceeding aggressively to find those responsible."

Launched in November 2006, the PlayStation Network allows PlayStation console users to play games online, challenge others on the Internet, stream movies, or get other services.

The Japanese electronics giant said it was possible hackers had taken users' credit card data.

"While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility," Seybold said, warning that "...we are advising you that your credit card number and expiration date may have been obtained."

Sony said it had emailed all 77 million users worldwide to warn them that their data may have been stolen.

"Hope these people are caught. I think gamers worldwide would love a new Sony PSN series about bringing them to justice," wrote one gamer using the name BlueFrog007.

"I hope Sony finds the hackers and puts them in jail!!! I mean they just stole a boatload of personal info they deserve 25 to life," said user Lopez9577.

Microsoft has warned users of its Xbox Live service of possible attempts to steal personal data following the PlayStation Network hack.

"Users may receive potential phishing attempts via title specific messaging while playing Modern Warfare 2," it said on the Xbox Live Status website.

"We are aware of the problem and are working to resolve the issue." The problem appeared to be linked to just the one game.

Enlarge

Fact file on the cyber attack which targeted Sony's PlayStation 3 network.

"However, we want to be very clear that we will only restore operations when we are confident that the network is secure," Seybold said.

Gamers posting on the network site were generally supportive of Sony's efforts but some were frustrated after a week with no access and others were scathing of the company's handling of personal data.

"Just because it's behind 'security' doesn't mean it shouldn't be encrypted. Sony, you failed your user on a worldwide scale in regard to protecting their personal information," wrote gamer BloodyCow, who described themselves as a computer network engineer.

Several users said they had cancelled their credit or debit cards as a precaution.

"I rather just change cards than to take the chance. Lets face it, even encrypted info can be un-encrypted," said mixedkidbx.

Sony has not indicated whether it has identified a culprit in the intrusion.

Internet vigilante group Anonymous had vowed retribution against Sony for taking legal action against hackers who cracked PS3 defences to change console operating software.

Anonymous argued that PS3 owners have the right to do what they wish with them, including modifying them.

Seybold said Sony was taking steps to enhance security, including moving its network infrastructure and data centre to "a new, more secure location."

Sony has sold about 48 million PS3 consoles worldwide since they hit the market in November of 2006.

(c) 2011 AFP