220 views 9 comments

Recap of Sony’s PSN Intrusion Conference (When PSN Will Return, Compensation, and More)

by on May 1, 2011
 

Over the evening, while most of us were sleeping here in the states, conducted a short-notice press conference regarding the intrusion of their PlayStation Network and Qriocity. Apologizes were extended by , Shinji Hasejima, and Shiro Kambe for the inconvenience that has been placed on customer, followed by a very touching and humble bow.

Here’s a brief recap of what went down:

How was the Hacked?

  • The servers were located at ’s server centers in California.
  • On April 19th, unusual activity was noticed, an internal investigation was conducted. This activity had taken place from April 17 to April 19.
  • On April 20 a  temporary server shutdown was implemented to ensure security, minimize customer risk, and conduct an investigation. Sony then brought on a US security firm to help.
  • The intrusion was a highly sophisticated attack by 1 intruder; once this was established, a second security firm was brought in.
  • On April 24, Sony brought in another US security firm to analyze and gather information on the intrusion.
  • On April 26, customers were notified.

Mr. Hirai confirmed that customer’s security codes for their credit cards were not compromised, and only a maximum of 10 million people use their credit cards on the PSN. An FBI criminal investigation is currently being conducted in order to catch the intruder.

New Security measures:

  • Accelerating the move of data severs from San Diego to a different location (unmentioned).
  • Enhancing the detection capabilities for unauthorized intrusions.
  • Enhanced Software monitoring.
  • Enhanced levels of encryption.
  • Enhanced ability to detect software intrusions within the network.
  • Implementation of additional firewalls.
  • Created a position of Chief Information Officer to monitor the network.
  • PS3 will have a system update that will require all PS3 users to change their passwords, which can only be changed on the same PS3 where it was created or through a validated email confirmation.
  • Sony will consider covering the cost of reissuing new cards for those affected.
  • Sony will consider paying for identity theft protection services in each country of those affected.
  • Sony will implement a program to provide global customers will exclusive premium content; free content, 30 day free PS+, current PS+ users will receive 30 days of free service.

Sony also confirmed that they will never contact customers asking for any personal information. They plan to incrementally restart all PSN services, and additional services will be added in the near future. Parts of the Playstation Network will be resotred within a week:

  • Registration.
  • Online play.
  • Playing downloaded movies.
  • Playing unexpired movie rentals.
  • PlayStation Home and chat functionalities.

Full services will be restored within the month.