All SOE Games, Websites, Services Down Due to Compromise
All attempts to reach SOE websites are redirected to http://maintenance.station.sony.com/
EQ2Wire’s interpretation of this announcement is this:
ALL Sony servers are now under security review due to the PlayStation Network breach, and in the course of that investigation, flaws in SOE’s public-facing servers were found. We have no reason to believe there has been an intrusion into SOE services, as they are separate from PSN servers. Of course news could come to light stating otherwise, but at this point, it seems that problems were found *before* they were taken.
UPDATE: It appears that SOE’s entire customer database, excluding credit card info, has been compromised.
Tags: account security, compromised accounts
Trackback from your site.
Comments (37)
Murfalad
| #
I was wondering about this, since they never came out to state publicly that the flaws in the PSN network did not exist in the SOE network. Whatever though its annoying, this sort of fixing had plenty of time to be done by now in a non-instrusive way.
Reply
Leon
| #
I would like to know how long this is going to take Everquest 2 has had a horrible amount of down time as is in the last two weeks.
Reply
Golur
| #
Thanks for this, Sony – it’s a Public Holiday in the UK, and most of Europe, and I was looking forward to a few hours quality time killing stuff.
Would another 24 hours have made any difference? Today is one of the only 10 days a year – including Christmas – that most people do not have to go to work. They CANNOT recompense for this with a 24hr double-anything. It’s a bloody awful thing to do.
Reply
Jay
| #
So just how does “We have found something that is worrying the hell out of us enough to kick everyone out at 2am” becomes “pre-emptive hardening”?
To me it sounds more like the 77,000,000 people who have had their private details leaked is about to increase by another 15,000,000+ Free Realms/EQ2 players.
Reply
isest
| #
All I can say is we had tons of downtime now this. The one day of double xp this week end does not even begin to make up for all the down time we had.
Honestly I don’t see the need to do this since they say the play station thing has no bearing on this.
Oh well par for the course.
Reply
timber
| #
thanks eq2wire for the info. with none of the soe sites working I was starting to feel deaf dumb and blind.
Reply
Feldon
| #
Note our interpretation could just as easily be wrong and there could be some kind of problem. But people are already assuming this is a break-in and they didn’t say that.
Reply
alan`
| #
did the servers just come down? when i logged out last night (uk time)nothing had been said at all
Reply
isest
| #
Well maybee were getting the new server stuff, still it would be nice for them to say something.
Reply
Striikor
| #
Actually they did state it was for security reasons. It would have been stupid to have made a public declaration that they were doing so ahead of time. If they are hacked or they are not hacked you don’t want the low lifes to know what you PLAN to do. I suspect they identified security holes in regards to the Play station network that need to be definitively closed on the station network.
I would love to be playing right now, but I would rather they fufill thier fiduciary responsibility to protect the personal data they require from us to subscribe!!
Reply
Striikor
| #
Ohhh forgot to include thier post
“We have had to take the SOE service down temporarily. In the course of our investigation into the intrusion into our systems we have discovered an issue that warrants enough concern for us to take the service down effective immediately. We will provide an update later today (Monday).
Reply
Soli
| #
Downtime does suck, but I’d much rather have the downtime fixing security problems than them leaving it and there was a breach and customers details being sold off :S Fingers crossed it’s fixed soon though
Reply
Asfixia
| #
Thanks SoE for preventing me from playing a game I have paid a subscription for. If the security is poor, it is SoE’s fault and a double xp day will not give us a bank holiday back.
Reply
Crescent
| #
everyone just talks about the PSN attack but refer to a Sony data Center in San Diego. The lead investigator group is the San Diego Field Office of the FBI. There was an unscheduled SOE Forum outage around 04/21, the date of the PSN attack. SOE-Brasse admitted to an attack in the general Forum with the “SOE announcement” thread but was countered 3 hours later by someone other community person saying that there is no connection between PSN and SOE networks. Ok now, no connection but was SOE attacked or not? Pretty obvious now, isn’t it?
The politics of silence.
Reply
Steve
| #
Crescent – It was Amnerys. I still don’t think they really have a full idea of how bad they were hacked and what was actually compromised.
Reply
Karl
| #
The networks wouldn’t have to be connected for this to be related to the PSN issues. I’m thinking a likely scenario is that they decided to review their other network configurations after the PSN breach and discovered that the same design / configuration flaw exists on the SOE network as well.
Kind of a bummer since I just re-started my EQ2 account on Friday. But I guess I can wait until they make sure my information is safe.
Reply
Jartal
| #
“Thanks for this, Sony – it’s a Public Holiday in the UK, and most of Europe, and I was looking forward to a few hours quality time killing stuff.”
LMAO. Yeah, your holiday is of greater importance of the financial and personal information of thousands of people. Please.
Reply
Crescent
| #
Steve – yup, you’re correct, it was Amnerys and it was the very last official statement in regards to the hack.
Now lets start a rumor that the FBI is actually in the process of carrying all SOE servers out of their building in San Diego as evidence. This might be a way of actually getting new hardware^^.
Reply
Sherry
| #
I’m just glad Sony is on top of it and taking precautions with other games other than the PS
Reply
Grugg
| #
There are three Sony divisions in San Diego: SCEA, SOE, and SEL.
SCEA operates PSN, of which some servers are located at American Internet Services (AIS). AIS also provides datacenter services to Oprah Winfrey and Pfizer. The AIS facility is extremely secure. AIS is adjacent to SCEA. I’ve toured AIS, and I’ve worked at SCEA.
SOE operates its services from a secure datacenter at its headquarters next to MCAS Miramar. SCEA and SOE do not share datacenters. I’ve toured SOE, and I’ve worked at SOE.
SEL is Sony Electronics, which isn’t relevant to this thread.
If there was an intrusion of SOE’s servers, it was a light intrusion. Not all intrusions are impactful. The security audit that followed apparently revealed a vulnerability that required immediate address.
Reply
Blueiris
| #
Well a double xp weekend wont be enough to compensate they eq2 players this time. If they gave us all a free mount, 1500 in sc, and a week of double xp that might be enough to compensate.
Reply
Atan
| #
Yeah, before they were abused…. sure…
Like all the account ‘hacks’ were the result of worms and poor stewardship of account info by the users…
I’m more interested in knowing if they could even detect if it had been abused.
And btw, hey, encryption of sensitive data at the database level is an amazing concept…
Reply
payingcustomer
| #
Sony you owe us paying customers at least 1 week of free game play.
Not only are you receiving about 13dollars from each subscription.you do updates to pretty shitty times.get your peeps in the morning hours.for what do we pay you!?!
And then these shitty laggy Servers.To many excuses and no fixes in timely matter.
We are anonymous,
we do not forget,
we do not wanna wait anymore.
get er done…………….
Reply
Murfalad
| #
I’m thinking that there is a degree of security “hardening” going on here too now, although the fact that they’ve taken things down all of a sudden points to something either with the same vulnerability, or an actual hack.
But looking back on the past there were signs that SOE’s security was stone age, the difficulty people were getting for example to get their accounts back online due to requiring the original credit card number etc all seems a bit primitive.
There is also the lack of a authenticator out there too, I can see a lot of high level Sony spending on security coming in the next few weeks, I wonder if SOE can use it to get the final few servers upgraded… 🙂
Reply
Feldon
| #
It could be an abundance of caution, or someone could have left the building with everyone’s data on a flash drive. We won’t know until we know.
Reply
Dethdlr
| #
Hopefully all will turn out well and nobody will have to commit seppuku.
Reply
Craig
| #
So Bloomberg and all other sites say it’s a another attack on Sony…..is this just one person “thinking it was a hack” and the others following along, or is there something to it?
Bloomberg:
Sony Online Entertainment, a unit that makes role-play games, suspended service after discovering a hacker gained access to its systems in the second such attack on the parent company’s entertainment networks.
Reply
Karl
| #
http://www.bloomberg.com/news/2011-05-02/sony-online-games-division-is-shut-down-in-second-network-attack.html
Given that Sony hasn’t made any official announcements yet about the shutdown today, sounds like Bloomberg is speculating. Their investigation could have uncovered an unexploited security issue that caused the shutdown.
Reply
Lathain
| #
lot of speculation, one of them it’s due to the 200 fired people…
Reply
Rotherian
| #
This is my take on it. It refers to “the intrusion into our systems” in the message, instead of “an intrusion into our systems”. That being the case, the use of the article “the” seems to indicate that there is only one intrusion. Being that there was an intrusion into the PSN network, this could very well be “the intrusion” to which the post refers.
If the above reasoning is correct, then the most likely conclusion is that, during an audit of their systems, they discovered a potential security weakness (not necessarily one that would even be noticed by most people, but one that has a greater than 0.0000000000001% chance of occurrence.) Rather than allow this potential weakness to remain, they would have no choice but to eradicate the weakness.
Of course, I could be wrong, but this is what it looks like from my seat.
Reply
Laenohe
| #
They should fix a couple of other things while their at it. I’m tired of getting mail in SWG about buying credits.
Reply
Arcturys
| #
We can stop speculating – it was another attack. This article is referring to the SOE outage, not the PSN attack.
Sony suffers another major security breach
Nikkei.com on Monday reported that an online Sony gaming network has once again fallen victim to a cyberattack. This time, the attack may have exposed the credit card numbers of thousands of Sony customers from around the world. According to the report, over 12,700 customer credit card numbers were stolen during a breach of Sony’s online gaming network, Sony Online Entertainment. According to Nikkei.com, Sony discovered the possible attack on Sunday. Sony recently suffered a similar attack on its PlayStation Network, which was offline for days as a result of the breach. Though Sony has yet to confirm this new incident publicly, the Sony Online Entertainment portal has been taken offline while Sony investigates the matter.
http://www.bgr.com/2011/05/02/sony-suffers-another-major-security-breach/
Reply
Arcturys
| #
Ah, and now a conflicting report. The one above says Sony reported a second attack where almost 13,000 credit card numbers stolen, but this one says a spokesperson claimed there hasn’t been a second attack:
“Sony says it has taken down its online PC gaming service due to a problem it found while investigating the security breach at its PlayStation service last month.
Sony Corp. said Monday on the Sony Online Entertainment website that it has temporarily suspended service because of an undisclosed issue. A spokesman says it’s not due to a second attack.
The site matches up players for PC games such as “Free Realms” and “DC Universe online.”
The company says it found the issue while investigating the recent security breach.
Sony executives apologized Sunday for the PlayStation Network security breach. The breach compromised the personal data of some 77 million player accounts.”
http://www.wral.com/news/technology/story/9534156/
Reply
Gryzzt
| #
Better read it and weep boys and girls, specially the euro’s whose data has been compromised. This is what SONY SOE just posted!
(editor’s note: full announcement/letter snipped)
Hmm down for a few days if not a week.
Reply
Arcturys
| #
Or is it now confirmed? This article states they took all SOE systems down after another attack last night.
http://www.joystiq.com/2011/05/02/sony-hit-with-second-attack-loses-12-700-credit-card-nu/
“The company took SOE servers offline after learning of the attack last evening, and today detailed the unfortunate results: “approximately 12,700 non-US credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, the Netherlands, and Spain” were lost, apparently from “an outdated database from 2007.” Of the 12,700 total, 4,300 are alleged to be from Japan, while the remainder come from the aforementioned four European countries.”
Reply
Pinkpanthar
| #
I want the issues fixed of course but isnt it about time that SOE took some of the profit earnt and invest it into software product security and software investment.I have seen EQ2 become cheaper and cheaper per expansion we are paying more for less every time.I agree with SOE laying off 3 internal software teams because the products they produced are sub par to say the least and have the imagination of a 1 day old child.If i could have my choice they should hire peter moulinex he has more sense than 40 software design teams.On my final note i hope that they sort EQ2 SWG and Vangurd.Vote hire moulinex he can get the job done 1000000 other programmers cant and make games laugh out loud funny plus 100% enthralling.SOE not investing = less customers bad content = less customers bad security = stigma wake up and smell the roses if you want profit you have to speculate to accumulate.If you have a business team advising you i would sack them also good quality = higher rewards funny that a Japanese company has dropped its standards to such low levels of achievement is totally against there nature normally.
Reply
Rotherian
| #
According to http://www.soe.com/securityupdate/pressrelease.vm this is what happened:
“Sony Corporation and Sony Computer Entertainment announced today that their ongoing investigation of illegal intrusions into Sony Online Entertainment LLC (SOE, the company) systems revealed yesterday morning (May 2, Tokyo time) that hackers may have stolen SOE customer information on April 16th and 17th, 2011 (PDT). SOE is based in San Diego, California, U.S.A.”
Note the dates of the breach.
According to the Huffington Post http://www.huffingtonpost.com/2011/04/26/playstation-network-hacker-stole-user-data_n_854106.html the PSN attack occurred between the 17th and 19th of April.
It is not unreasonable to consider the possibility, especially since there is some overlap in the days (i.e. the 17th), that both intrusions may have been part of the same series of attacks, from the same source.
It definitely isn’t something new, as the earliest date of the SOE intrusion precedes the earliest date of the PSN intrusion.
Reply