SOE accounts, credit card info compromised

[UPDATE] Sony Online Entertainment confirms info on 10,700 European bank records may be stolen along with credit card details of nearly 13,000 and personal info for 24.6 million customers after games, websites taken down.

Trouble seemed to be afoot at Sony Online Entertainment this morning, when the publisher brought game servers and websites related to its portfolio of massively multiplayer online games offline. As suspected, SOE has now confirmed that it, too, has suffered a security breach similar to the one plaguing the PlayStation Network and Qriocity services.

24.6 million SOE accounts have been compromised.

In a statement issued to GameSpot, SOE has now confirmed that approximately 24.6 million accounts as well as 12,700 non-US credit or debit card numbers and expiration dates may have been stolen. The information may have been obtained by hackers between April 16 and 17, and SOE believes that it was part of the initial attack that compromised the PSN and Qriocity service.

"This information, which was discovered by engineers and security consultants reviewing SOE systems, showed that personal information from approximately 24.6 million SOE accounts may have been stolen, as well as certain information from an outdated database from 2007," the statement reads. "The information from the outdated database that may have been stolen includes approximately 12,700 non-US credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, Netherlands, and Spain."

[UPDATE] As SOE had previously noted, the credit card information that may have been stolen as part of the attack was taken from an outdated database. Today, the online games publisher told GameSpot that of the 12,700 compromised numbers, only about 900 were still valid.

Of the 24.6 million compromised accounts, SOE said that hackers may have obtained names, addresses, e-mail addresses, birth dates, genders, phone numbers, login names, and passwords. SOE noted that the password data is stored in a hashed form and not plain text.

The foreign direct debit record information includes bank account numbers, customer names, account names, and customer addresses. The breach was discovered as Sony's engineers and outside consultants reviewed SOE's system in the wake of the attack on the PSN and Qriocity services.

According to SOE, the 24.6 million accounts were not game-specific. Games that fall under the publishing label include EverQuest, EverQuest 2, DC Universe Online, Free Realms, Star Wars Galaxies, Pirates of the Burning Sea, Vanguard: Saga of Heroes, and PlanetSide.

SOE said that it would add 30 days of free game time to current customers' subscriptions to make up for the service interruption. The publisher also promised that it would be offering a one-for-one match of free game time for each day that servers are offline.

Written By

Want the latest news about EverQuest Secrets of Faydwer?

EverQuest Secrets of Faydwer

EverQuest Secrets of Faydwer

Discussion

1383 comments
thekey
thekey

@Raptomex 100% agreed.

Raptomex
Raptomex

@thekey So, you see my point. They put us at risk with cheap security. And we deserve more than just 30 days of PS Plus free.

thekey
thekey

@Raptomex I agree. They were trying to be cheap with online security.

Raptomex
Raptomex

@thekey Yes, but this is the second time Sony something was hacked. I believe it was the website a year back or so. So my statement still stands. Their security, in particular, really sucks.

thekey
thekey

@Raptomex Anything can be hacked even with expensive security.(If it has encryption it can be cracked)

digimon360
digimon360

I bet some random kid is thinking so that's what that button did lol.

gibbongutsy119
gibbongutsy119

FOR all the fools here who think sony lost the info coz of their own mistake and stuff..kids grow up and learn Sony had a 128bit encryption base firmware setup for the record management. Hacking into that is hard. But it is possible and duh ...it has happened. The issue was they didnt realize the whole PSN system was hacked and not just the 1 database.

chrisopo
chrisopo

According to the playstation blog its not yet finished and is in the final testing stages so who knows today tomorrow next week next month next year who knows playstation network might return

chrisopo
chrisopo

why is 360 boys doing here anyways

risako9
risako9

360 boys should stay with XBOX Live! Get a life!

chrisopo
chrisopo

yh its stored on a database.

Sveznajko
Sveznajko

What if i entered my credit card on my psn account , and then delete it after a while. Will it still be stored in the database?

chrisopo
chrisopo

PSN is nearly ready and complete

momar780
momar780

Everyone keeps arguing about what to do and who's fault this is. If you had info left on your account they could have your cc info. If you had money on your account from a psn card or previously charged cc you could loose it. It sucks either way. I think its safe to say since these hackers are under the eye of 3 countries' governments they won't be spending any of our money (I hope). This is unfortunate but I think its getting blown out of proportion. I understand thats what the media does though. If everybody just watches their accounts, cancels their cards, and watches their statement im sure everything will be fine. credit card companies and very understanding and are well aware of this situation.

unknownmight
unknownmight

hi guys i have news flash: PS3 IS STILL AWESOME WITHOUT PSN

theWanderer80
theWanderer80

I bet if they stop cracking down on PS3 jailbreaking the PSN SOE networks will stop getting hacked.

Raptomex
Raptomex

@luciferbelmont well if sony's security didn't suck, they would have never gotten hacked. so yeah they put us all at risk with there horrible security.

pakhair
pakhair

Wewll surely we can't blame Sony for breach, It could have happened to any company and as we all know Hackers used special kind of technique to hide from the system that anything has has happened and that's the reason it took so much time for Sony to understand the scope of breach. NOW TO MY SECOND NOTE Sony were stupid enough for not using great encryption techniques on their service and that's the reason, they should be sued and pay for the mightiest mistake they did

01-cannon-mpc
01-cannon-mpc

@risako9 I never got a PS3 because of the simple fact that ther have never bin any PS3 games that have goten my intrest. But i have played Star Wars Galaxies. But i cancled my supscription for that game 1 or 2 mounths ago. But i have to be honest. Im not sure what it is thats affected buy the hack. Is it the PSN or the SOE MMO's? Or everything related to Sony? Im comfused! =S

cmboy
cmboy

And this it was the first time that it append? Last year, in September I bought a game on the PSN. In the next day someone used my credit card and bought thing worthing about 2k €.. In that day, the Sony released an security update for the PS3...

endouken
endouken

@ThatManTrama "Why the hell are you guys blaming Sony for their data to be stolen?" Where in the blue hell did I blame Sony?!?! Learn comprehensive reading skills, seriously. I said (to someone else): "you're an illiterate dyslexic lawyer...Sony will be shaking in their boots." My above response was so blindingly sarcastic I am going to credit you with the intelligence of reading it in such a tone. The poster i quoted was threatening to sue Sony claiming to be a hotshot lawyer whilst using awful spelling grammar and syntax which i found to be ironic as well as unfounded - as did 16 other people who thumbed down his comment. I did not say I support his position, I simply pointed out Sony will not give a rats-bum about someone threatening them when he cannot even write in the Queens English. For the record, I blame Sony 50/50 for the attack. They provoked it by acting like petulant children, throwing the full force of their weight around and suing their own customers/hackers. Other companies would have offered the hackers a job. This irritated the hacking community who retaliated also at full force...which i think we can all agree seems to be somewhat mightier. Sony also kept customer records in a flat file rather than encrypted - which is an amateur mistake, and seem unable to close the breech in any kind of timely fashion. Now, if you read it this far - kudos, and i hope you will construct a logical reply to back up your unfounded accusation.

SOUP_MAN_242
SOUP_MAN_242

as much as i like sony and there sub divisions..... they deserve this i mean they were beeing lazy with the storage of peoples personal info i mean dang

PCsama
PCsama

than's terrible O0O

mapmaker187
mapmaker187

what happened to sony outage countdown format? every day gamespot would display how may days the PSN was down. now they have this crappy green format. go back to the countdown display!

arsnakeheart
arsnakeheart

@risako9 The truth is PS3 users with no PSN: play the singleplayer of your exclusive games, it's the best part of this generation anyways Xbox 360 users with no Live: get a PS3 so you can play good games, because all that makes the 360 "better" is crappy, Internet dependable online gaming. Or they can get a PS2, and play large quantities of good games.

j2531bel
j2531bel

That guy ffrom Sony or Gamespot who made the video regarding this problem should be "shot". His tone and the music made it sound as if this was a small and joyful "PROBLEM". Folks get your act together, Sony's net was breeched twice; the second time was while they were trying to figure out what happened the first time. Frankly I am honestly thinking of chucking my PS3 into the garbage!

BloodHaven13
BloodHaven13

@ leandro_Brasil oook i own ps3 and xbox 360 im not a "fanboy" i just play all hot games. Ps3 is great i play alot of single player games or exclusives but sorry 360 is just so much better. 360 provides a great online experience which has been the future of gameing for a while now. ps3 offers horrible online experience with broken security. my opinion based off of facts.

OldKye
OldKye

@lmlf I'm not saying that everything doesn't much they same way anyone who walks on the wrong side of town could get mugged what I'm saying is that people like blizz walk around with two UFC champs to keep from getting mugged and Sony walks around with a 4 year old holding a stick and hackers know this

iks_kvort
iks_kvort

If this means a kick in the console monkeys ass! - Gz. to the hackers!

Brazucass
Brazucass

That is what SOE deserves for making me camp west karana for the pegasus feather cloth for 3 days when I was younger :D

lmlf
lmlf

@OldKye in this days everything suffer cyber attacks, it`s the same if you pay or not!! Pay to play no way!!

naback
naback

Dude.. was already included extra security to PSN, why didn't they turned it on?

naback
naback

[This message was deleted at the request of the original poster]

02050muh
02050muh

microsoft, nintendo n sega try to bring sony down..that is my explanation.. why sega? lol..coz of playstation, they back off from console production

octotoke
octotoke

EverQuest, EverQuest II, The Matrix Online, PlanetSide, Star Wars Galaxies, Free Realms, Vanguard: Saga of Heroes, DC Universe Online, if you play these games there's a chance that your data was compromised.

octotoke
octotoke

@uglypinkmoose SOE refers to PC games, this is a second attack probably related to the PSN attacks

willard1975
willard1975

This is payback for what they did to Star Wars Galaxies :)

uglypinkmoose
uglypinkmoose

this is a pretty big deal.... thank god I only use my 360 and pc for online...would suck if 360 was next ;D

risako9
risako9

How come 360 fanboys waste their time posting here? PS3 user + no PSN = proceed with normal life 360 users + no PSN = Diss the PS3 because they don't have a life besides gaming.

margimargi17
margimargi17

and someone was saying PC gaming was dieing LOL

gangsterlax
gangsterlax

It's all an elaborate scheme put into motion by a team of disgruntled employees. They knew the flaws in the system and sought to fill their pocketbooks while ruining Sony's image all at the same time.

maester334
maester334

Why do i hear all this talk from 360 users this was just a huge slip up for sony and could have just as well happened to microsoft so all these ppl sayin that this would never happen to the 360...SHUT UP

hajjjustin
hajjjustin

i wonder how sony will be compensating us for this incident

gx300
gx300

sony i need add language arabic

mega_sonic_fan
mega_sonic_fan

Here we go again with "You get what you pay for" bs again. Too bad ANYONE can be hacked at anytime, even the FBI has been hacked before. So I guess they get what they pay for too, right? Just because you pay for something doesnt make it better, PSN + users got hit too, so what are you going to say about that? This goes out to all users who play either xbox, wii or ps3 USE POINT CARDS!! They cost exactly as much as you would buy it online. lol :)

jhodge609
jhodge609

What do people who bought a ps3 on or during the days of the psn outage, do we receive compensation !?

OldKye
OldKye

@lmlf there's no such thing as a free to play online game that doesn't let you use real money to buy some kind of in game perks but since it's meant to drain as much money out of it as they can they don't feel the need to protect that data as much as say blizz with wow meaning it's a easier target like stealing a purse from a old lady you could ask the same reason why? but we all know it's cause it's easier

OldKye
OldKye

@MooncalfReviews i loved the deamcast they were ahead on everything but not good at selling it like the game gear Sega just never could sell hardware very well