SOE president says attempted hacks hit dormant accounts
John Smedley confident login and password information used in recent attack wasn't obtained from Sony, says attackers had "small percentage" of success in gaining access.
Yesterday, Sony revealed a new attack on its networks. This one resulted in the electronics giant temporarily locking down some 93,000 PlayStation Network, Sony Entertainment Network, and Sony Online Entertainment accounts. In an official statement, Sony chief information security officer Philip Reitinger said, "It is likely the data came from another source and not from our networks."
Speaking with GameSpot tonight after the Game Developers Conference Online Awards, Sony Online Entertainment president John Smedley shed a little more light on what led the company to believe its system was not the ultimate source for the login info used in the attack.
"It's just simple math," Smedley said. "There was such a small percentage of successes. They were attacking with a large number. Because of that, the math tells us it wasn't [Sony's information]. We've said publicly when we were compromised before that the information is out there and could have been used. That was obviously the first thing we looked at. Then we did the mathematical analysis and said, 'Obviously that's not what happened.' I'm not going to say it's impossible [the info came from Sony]. We just think that's not the most likely case."
As for the accounts that were targeted, Smedley said many of them had never been accessed since the PlayStation Network was restored after an extended outage earlier this year. That outage was precipitated by a security breach that exposed some 77 million PSN accounts, not to mention an additional 24.6 million Sony Online Entertainment accounts. Upon logging back into the service after the restoration, users were prompted to change their passwords.
"We really strongly encourage users to change their passwords," Smedley said. "We can't force them to log in and do that. A great number of these accounts they were going after were dormant accounts. Those people in many cases had not yet done their password change. It takes some work to get them to focus on that."