Sony Shuts Down Another Game Network After Hackers Attack

It's happened again. Sony has temporarily shut down one of its online computer game networks, saying that hackers may have gained access to personal information for nearly 25 million users.

The latest disruption involves Sony Online Entertainment, which provides multiplayer games for computers. It shut down its service late Monday amid concerns that hackers may have hijacked information including names, addresses and birth dates.

In a notice to its customers today, Sony said: "Our ongoing investigation of illegal intrusions into Sony Online Entertainment systems has discovered that hackers may have obtained personal customer information from SOE systems.  We are today advising you that the personal information you provided us in connection with your SOE account may have been stolen in a cyber-attack."

On April 20, the company shut down its PlayStation Network after hackers lifted information on some 77 million users.

The company insists that the latest shutdown is not due to a second hacking incident, and says it believes that the additional 25 million users' data may have been stolen during the same break-in as the one reported earlier.

The latest shutdown affects “EverQuest,” one of the more popular online games.

Under attack

Sony executives apologized Sunday for the original breach and said the company is working to increase security. Sony says its online services have been under attack for at least six weeks. The company is working with the FBI to try to identify the attackers. Sony is not being so forthcoming with Congressional investigators, though.

Rep. Mary Bono Mack (R.-Calif.) sent a letter to Sony last week asking executives to testify before the House Committee on Energy and Commerce. The company declined but said it would provide written answers by Tuesday.

“I am deeply troubled by this latest data breach.  It reinforces my long-held belief that much more needs to be done to protect sensitive consumer information,” Rep. Bono Mack said in a statement.  “Most importantly, Americans should be quickly informed when their personal information has been hacked, especially in instances like this where there is an obvious potential for large scale identity theft.”

It has not been entirely clear when Sony learned of the intrusions. It shut down the PlayStation Network on April 20. It has said the attack occurred on April 16 and 17.

“Clearly, consumers need additional safeguards, and I will soon introduce legislation designed to provide it.  In addition, I have directed subcommittee staff to begin a thorough investigation into this latest incident to determine if hearings are needed”, she said.

What to do

Sony customers who think their data may have been breached should put a fraud notice on their credit records at the three major credit bureaus:

Experian: 888-397-3742;www.experian.com; P.O. Box 9532, Allen, TX 75013
Equifax: 800-525-6285;www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
TransUnion: 800-680-7289;www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790

The Federal Trade Commission offers extensive information for consumers who believe they may have been the victims of identity theft.