Sony-owned service hacked, and Sony's servers used for phishing

A Sony service is the latest victim of another attack, although this one involves a Sony subsidiary that is a Japanese Internet service provider. Officials at So-net Entertainment Corporation reported a breach by an online intruder who broke into the customer rewards site and stole $1225 worth of gift points from customers. This attack comes on the heels of the restoration of the PlayStation Network following almost a month of downtime.

So-net is a majority-owned financial unit of the Sony Corporation, with 58% ownership. In a statement to the Wall Street Journal, Keisuke Watabe, a spokesperson for So-net, said that while there remains a "possibility" that this has some connection to the PlayStation Network hacks, the company believes these two incidents are by and large unrelated as two different methods of intrusion (and motives) are in play.

In the attack, points were stolen from 128 customer accounts. 73 accounts were accessed with no modifications done. 90 So-net email accounts were also compromised. So-net has since issued a warning yesterday to its customers, stating that an individual tried to access the points service 10,000 times. The gift points are redeemable for online currency and Sony merchandise.

In other news, there is a rather embarrassing report of a live phishing site found on a Sony server. The server is for Sony's Thailand operations, and was discovered by F-Secure who have since blocked the site for their customers. A screenshot of the site is available below:

Image Credit: F-Secure

Report a problem with article
Previous Story

ActiveWin: Q&A with Microsoft Senior VP of Research, Rick Rashid

Next Story

Rumor: "Wii 2" to have front-facing camera in controller?

22 Comments

Commenting is disabled on this article.

You'd think Sony would've started beefing up there security in every services they deal in rather than wait till each one gets hacked first and more customer data stolen. Now we know never to provide Sony with online info for any future services until they've been hacked first.

Morisato said,
You'd think Sony would've started beefing up there security in every services they deal in rather than wait till each one gets hacked first and more customer data stolen. Now we know never to provide Sony with online info for any future services until they've been hacked first.

Don't provide any service with your personal info. If hackers want to steal it, they will, no matter the service. It's just about what company they choose to attack. Once you have your data online, it's available to the hackers. They only have to finde the right path...

"In other news"? Surely that should be the main story, rather than a subsidiary getting hacked with limited consequences? ^^

However unimportant the server is, that's pretty shocking.

I feel bad for Sony...kind of...but then I remember that this is the company that loaded all those root kits on customers pc's.

man back in my childhood you were considered a computer expert if you just owned one (never had to turn it on) but now everyones hacking them to death :'( why! WHYYYYYYY.... cant they hack something pointless and leave my sony alone :'(

SPEhosting said,
man back in my childhood you were considered a computer expert if you just owned one (never had to turn it on) but now everyones hacking them to death :'( why! WHYYYYYYY.... cant they hack something pointless and leave my sony alone :'(

You sound like that guy on YouTube who was crying about Britney Spears

This isn't just about "having a bad month"...this is something bigger and will have remificaitons far more severe than they appear for Sony as well as other online services.

This is bad for the whole "Cloud Techonology is now mature" argument.

dhaval001 said,
This isn't just about "having a bad month"...this is something bigger and will have remificaitons far more severe than they appear for Sony as well as other online services.

This is bad for the whole "Cloud Techonology is now mature" argument.

No, this is bad for companies that are too incompetent to deal with cloud technology. Real dependable cloud technology exists.

LiquidSolstice said,

No, this is bad for companies that are too incompetent to deal with cloud technology. Real dependable cloud technology exists.

It does? I've yet to see an example, honestly.

superconductive said,
Well, there's no doubt they pis$ed off the hacking community enough....

I wonder if Sony would take it all back at this point.