From SignOnSanDiego.com, the website of the San Diego Union-Tribune newspaper.
Customers of San Diego-based Sony Online Entertainment must watch out for “spear phishing” scams after a hacker may have gained access to personal information on 24.6 million accounts, including email addresses and passwords.
Privacy experts say cyber criminals could have enough information to send highly customized emails or postal letters — or make phone calls — that will appear to come from Sony in hopes of tricking customers into revealing more sensitive information — such as credit card or Social Security numbers.
Sony Online Entertainment urged its customers to be “especially aware” of these scams. “Sony will not contact you in any way, including email, asking for your credit card number, Social Security number or other personal information,” the company said in a letter to customers posted on its Web site. “If you are asked for this information, you can be confident Sony is not the entity asking.”
Sony Online Entertainment, which makes video games such as the EverQuest series that users play online, abruptly shut down its network on Monday after the breach was discovered. The breach did not expose customer credit card numbers in the U.S. But it did possibly reveal names, addresses, email, birth dates, gender, phone numbers, login names and passwords.
The PlayStation network breach came from an attack on a data center in San Diego. Taina Rodriguez, a Sony Online Entertainment spokeswoman, declined to say if PlayStation and Sony Online Entertainment shared the same data center.
“Our servers are different from the PSN servers,” she said. “We are operated separately. But since we’re both under the Sony umbrella, there is a degree of architecture that overlaps.”
Rodriguez added that Sony Online Entertainment’s network would be shut down until Friday and possibly longer. The company has contacted the FBI to investigate the attack.
Trackback from your site.