Between April 17 and April 19, 2011, the PlayStation Network, the online service powering the PlayStation 3 and PlayStation Portable consoles, was compromised. Hackers were able to retrieve the personal/customer information of some 77 million PlayStation Network accounts, including as many as 10 million credit card numbers on file for those customers. This was largely viewed as a retaliatory strike against Sony for their prosecution of George Hotz (GeoHot) who publically posted the PS3 Root Keys allowing owners of PS3 consoles to install their own choice of software, including the much ballyhooed Other OS feature which was prominently featured on the outside of the PS3 box, and which allowed users to install Linux on their PS3.

On April 22nd, we were assured that SOE was not affected by this break-in. However, with today’s press release (posted just over 1 hour ago), the curtain surrounding today’s Downtime has been pulled back, revealing that Sony’s woes now fully extend to the SOE Customer Database as well. SOE games, forums, and websites were not taken down in an ‘abundance of caution’, but because the entire customer database may have already been compromised/stolen by hackers.

The press release indicates that customer names, e-mails, and other personal information, including hashed password (which generally CANNOT be decrypted) may have been taken, as well as the bank details of up to 10,700 European customers, and credit card information for another 12,700 European customers from an old 2007 database, however credit card information was stored in a separate database and at this time it is being stated that this was NOT compromised.

Impacted customers will get 30 days free service and 1 day extra for each day that SOE services are unavailable. It is unclear when SOE services will be restored, but realize that the PlayStation Network is now entering it’s 13th day offline (since April 19th), preventing anyone from playing all  PS3 games online, including the popular Portal 2 and its much-advertised cooperative play.

Bloomberg.com posted a story earlier this afternoon suggesting that SOE’s services were down due to a “second attack”:

Sony Online Entertainment, a unit that makes role-play games, suspended service after discovering a hacker gained access to its systems in the second such attack on the parent company’s entertainment networks.

However in speaking to the Wall Street Journal, Michele Sturdivant, a Sony Online Entertainment spokeswoman denied the claim.

Sony Corp. has shut down a second online videogame network amid an expanding investigation of a computer attack that may have compromised the personal information of millions of users.

Sony Online Entertainment, a San Diego-based subsidiary that makes multiplayer role-playing games mostly for personal computers, said it temporarily shut down services on Sunday evening amid concerns a hacker had possibly breached its security.

Although we still have no confirmation or reason to believe that there has been any kind of security breach affecting SOE servers or customer accounts, and we are personally going to just wait and see what is announced, Amnerys has posted on the EQ2 Facebook announcement suggesting that concerned customers can contact SOE Customer Service:

Any players that have concerns regarding their account status and security should contact CS at 1-858-537-0898 (10am – 7pm PST, Mon-Fri).

and:

Please use the following phone numbers for your international area. Remember that these numbers are not toll free and are considered long distance from within each country.

Players using the “Outside France” phone number will be subject to International fees. UK: (44) 870-600-0267 – DE: (49) 180-500-7774 – FR: Inside France: (33) 825-120-549 – Outside France: (33) 171-230-495

Note some customers are getting a recorded message encouraging them to call back “next week”.

We’re sending extra cookies (and coffee) Ima’s way.

While there’s nothing new to report about SOE games, services, websites, and forums being down since 2AM PDT, there is growing coverage of this issue around the web.

Thus far, there has been no additional information posted on any SOE website, SOE Facebook, EQ2 Facebook, or the Twitter pages of any SOE employee or EQ2 team member.

News sites around the web:

• GamesBeat
• PC IGN
• BBC News
• Barron’s

And we’d be remiss if we didn’t mention that EQ2Flames is experiencing record traffic, with some 4,000 members online at times seeking news about the SOE Downtime. Some visitors are experiencing a busy message (indicated by ‘Database error’).

All attempts to reach SOE websites are redirected to http://maintenance.station.sony.com/

EQ2Wire’s interpretation of this announcement is this:

ALL Sony servers are now under security review due to the PlayStation Network breach, and in the course of that investigation, flaws in SOE’s public-facing servers were found. We have no reason to believe there has been an intrusion into SOE services, as they are separate from PSN servers. Of course news could come to light stating otherwise, but at this point, it seems that problems were found *before* they were taken.

UPDATE: It appears that SOE’s entire customer database, excluding credit card info, has been compromised.

We’ve just seen these server messages:

Greetings Norrath! The server will be coming down for a brief update at 03:30AM PDT Monday, May 02, 2011. Please find a safe place to log out before the server comes down. For more information on scheduled downtimes (link).

and:

SYSTEM MESSAGE: Greetings Norrath! The server will be coming down immediately for a update. Please plan accordingly to be logged off during this time. Thank you!

As of 11:30am CET (2:30 PDT) it seems the Login servers are down or inaccessible.

UPDATE: As of 11:50am CET (2:45 PDT), SOE Login servers are down affecting switching characters or logging in.

UPDATE: As of 11:55am CET (2:55 PDT), SOE forums are offline.

A cantankerous discussion on the EQ2 Forums posted over the New Year’s holiday addresses the issue of Account Hacks and Compromised Accounts. Due to the holiday schedule, some players have experienced as long as a 2 week wait to have their accounts restored or rolled back. Update: We’ve found a far more constructive thread on the subject of the increase in Compromised EQ2 Accounts.

Amnerys has posted an update on the situation as well as a word on Velious Winter Rewards for those who were not automatically granted them:

Players have been advised about The Dangers of Buying Plat and/or Power Leveling services for a couple of years now, including the consequences such as compromised accounts.

However this July, SOE became aware of a more insidious and direct attack upon the EQ2 playerbase. We’re talking about an Account Phishing Scam that encourages players to login to an official-looking website using their SOE Station credentials. Personal information including logins, passwords, e-mail addresses, account names, are logged and eventually used to strip characters and otherwise compromise accounts for plat and item distribution within the game.

In the Account Fraud panel at Fan Faire, as well as some discussions with SOE staff, we have determined some sobering data points.