All Articles: ApocalyPS3 2011

As promised, Sony held a press conference on the state of the PlayStation Network and announced that the PSN/Qriocity music service will be back online next week. An exact date for the service’s return was not revealed, but the initial phase of the rollout will include restoration of online play, Qriocity’s Music Unlimited service, account management options (including password resets), PlayStation Home, the Friends List and chat. It looks like the PlayStation Store will come back online later.

Sony spent the last week examining the network infrastructure and investigating how the breach occured. In order to prevent something like this from happening again, the company has created a new position: Chief Information Security Officer. In addition to a new executive that reports directly to the highest levels of Sony, the gamemaker has beefed up the PSN’s security with automated software monitoring to defend against attacks, tougher encryption and new firewalls.

A mandatory PS3 update will also require all PSN users to change their passwords before logging in to the restored system. To further enhance security, this password change can only be performed on the same PS3 in which that account was activated or through a validated email confirmation.

To apologize for gamer’s patience during The Great PSN Outage of 2011, Sony has launched a “Welcome Back” program. The “Welcome Back” program will supply PSN users with free “entertainment content” (specific content will be announced soon) and a 30-day subscription to PlayStation Plus (or a 30-day extension for current subscribers). Current Qriocity users will receive a 30 days of free service. Sony plans to announce additional “Welcome Back” offerings over the next few weeks.

The full text of the press statement can be read at the PlayStaton.Blog.

It looks like gamers aren’t the only ones that can’t believe Sony waited as long as they did to inform consumers about their lost personal information. Connecticut Senator Richard Blumenthal has written a letter to SCEA President and CEO Jack Tretton demanding that consumers be compensated for the security breach and Sony’s failure to notify PlayStation Network users in a timely manner.

The Senator is asking Sony to provide PSN users with free access to credit reporting services for two years (this service is actually already provided by the federal government) and asked that “affected individuals [..] be provided with sufficient insurance to protect them from the possible financial consequences of identity theft.”

While I’m sure gamers everywhere appreciate Blumenthal going to bat for them, Sony is actually claiming that they just learned of the user information theft on Monday, April 25th. A Sony spokesman posted the following timeline of events on the PlayStation.Blog late last night:

There’s a difference in timing between when we identified there was an intrusion and when we learned of consumers’ data being compromised. […] It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach.

The forehead-slapping stupidity of that statement makes me think the Senator might have a point. Sony’s failure to admit it was a strong possibiliy that hackers accessed the personal information of 77 million PSN users on the 19th is inexcusable.

Maybe it really is the “ApocalyPS3” for Sony…

First, the good news. Sony has “a clear path” to bringing the PlayStation Network back online. The software giant expects some services to be back online within a week. It’s not much, but a preliminary timetable is more than we knew before.

Now the bad news… HACKERS HAVE STOLEN YOUR PERSONAL INFORMATION FROM SONY! According to Sony, during the intrusion, an outside party obtained the following information from PSN users:

[N]ame, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. […] If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

While Sony states they are still investigating the security breach, I can’t believe they just learned what personal information (and possible credit card information) the hackers gained access to today. Sony should have notified PS3 owners about this possibility a week ago and I’m shocked that they, quite literally, said nothing over the holiday weekend.

More information is available at the PlayStation.Blog.

It’s been a rough couple days for PlayStation Network users, and despite rumors of the service coming back online soon, there’s really no end in sight. The latest update from the PlayStation Blog claims there’s no “update or timeframe to share at this point in time,” but that they’ll let us know as soon as new information becomes available.

Satoshi Fukuoka, spokesman for Sony Computer Entertainment in Tokyo, stated that a full investigation is underway to resolve the problem, which still is not being disclosed to the public. Even more alarming is that the company doesn’t know the scope of the security breach, stating that they don’t know if credit card information has been stolen. Fortunately, Fukuoka assures everyone that PlayStation will disclose such a breach immediately if it turns out to be true.

This is getting really bad, but I’m sure we all know who’s really behind this, despite them claiming they wouldn’t attack the PSN anymore. I guess they’ve gone back to looking at gamers everywhere as collateral damage.