UPDATE: Per this update Sony has now taken down the entire Sony Online Entertainment service for online games: “We have had to take the SOE service down temporarily. In the course of our investigation into the intrusion into our systems we have discovered an issue that warrants enough concern for us to take the service down effective immediately. We will provide an update later today (Monday).” I’d be willing to bet a vulnerability was discovered as part of the ongoing PSN assessment and has nothing to do with last week’s intrusion, but we’ll see what the day brings.
As part of a weekend press conference Sony put their cards down on the table (as much as they’re likely to) as to the nature of the hack that resulted in the PSN being taken offline for the past couple of weeks. (Spoiler: It was a “sophisticated” attack. Headline!) They also explained their plans for restoring PSN service (slowly) and how they intend to compensate PSN users for enduring the experience. (Have some free stuff!) It’s worth pointing out they have yet to confirm any cases of credit card fraud as a result of the hack, insisting that they still haven’t found any specific evidence that this information has been stolen. (I’m inclined to give them the benefit of the doubt here.) The two big parts of the press release address the “initial phase” of PSN restoration and the “Complimentary Offering and Welcome Back Appreciation Program” and are quoted below…
On service restoration:
The initial phase of the rollout will include, but is not limited to, the following:
– Restoration of Online game-play across the PlayStation®3 (PS3) and PSP® (PlayStation®Portable) systems. This includes titles requiring online verification and downloaded games
– Access to Music Unlimited powered by Qriocity for PS3/PSP for existing subscribers
– Access to account management and password reset
– Access to download un-expired Movie Rentals on PS3, PSP and MediaGo
– Friends List
– Chat Functionality
On user compensation:
While there is no evidence at this time that credit card data was taken, the company is committed to helping its customers protect their personal data and will provide a complimentary offering to assist users in enrolling in identity theft protection services and/or similar programs. The implementation will be at a local level and further details will be made available shortly in each region.
The company will also rollout the PlayStation Network and Qriocity “Welcome Back” program, to be offered worldwide, which will be tailored to specific markets to provide our consumers with a selection of service options and premium content as an expression of the company’s appreciation for their patience, support and continued loyalty.
Central components of the “Welcome Back” program will include:
– Each territory will be offering selected PlayStation entertainment content for free download. Specific details of this content will be announced in each region soon.
– All existing PlayStation Network customers will be provided with 30 days free membership in the PlayStation Plus premium service. Current members of PlayStation Plus will receive 30 days free service.
– Music Unlimited powered by Qriocity subscribers (in countries where the service is available) will receive 30 days free service.
Additional “Welcome Back” entertainment and service offerings will be rolled out over the coming weeks as the company returns the PlayStation Network and Qriocity services to the quality standard users have grown to enjoy and strive to exceed those exceptions.
There’s more detail about the attack itself and Sony’s new security measures at the link for the full release. You can find the Euro version of the press release here. The Escapist has a nifty graphic that uses the unrivaled power of PowerPoint to explain how the intrusion occurred. Who wants to translate that for us in the comments?
And, yes, I do keep posting these stories as an excuse to use pictures of old trainwrecks.